Tag - CCSP exam

Which of the following is NOT a criterion for data within the scope of eDiscovery?A . PossessionB . CustodyC . ControlD . ArchiveView AnswerAnswer: D Explanation: eDiscovery pertains to information and data that is in the possession, control, and custody of an organization.

Which security concept is focused on the trustworthiness of data?A . IntegrityB . AvailabilityC . NonrepudiationD . ConfidentialityView AnswerAnswer: A Explanation: Integrity is focused on the trustworthiness of data as well as the prevention of unauthorized modification or tampering of it. A prime consideration for maintaining integrity is an emphasis...

Which of the cloud deployment models is used by popular services such as iCloud, Dropbox, and OneDrive?A . HybridB . PublicC . PrivateD . CommunityView AnswerAnswer: B Explanation: Popular services such as iCloud, Dropbox, and OneDrive are all publicly available and are open to any user for free, with possible...

Which of the following actions will NOT make data part of the "create" phase of the cloud data lifecycle?A . Modifying metadataB . Importing dataC . Modifying dataD . Constructing new dataView AnswerAnswer: A Explanation: Although the initial phase is called "create," it can also refer to modification. In essence,...

Firewalls are used to provide network security throughout an enterprise and to control what information can be accessed--and to a certain extent, through what means. Which of the following is NOT something that firewalls are concerned with?A . IP addressB . EncryptionC . PortD . ProtocolView AnswerAnswer: B Explanation: Firewalls...

Which data state would be most likely to use digital signatures as a security protection mechanism?A . Data in useB . Data in transitC . ArchivedD . Data at restView AnswerAnswer: A Explanation: During the data-in-use state, the information has already been accessed from storage and transmitted to the service,...

Which of the following threat types can occur when baselines are not appropriately applied or unauthorized changes are made?A . Insecure direct object referencesB . Unvalidated redirects and forwardsC . Security misconfigurationD . Sensitive data exposureView AnswerAnswer: C Explanation: Security misconfigurations occur when applications and systems are not properly configured...

You just hired an outside developer to modernize some applications with new web services and functionality. In order to implement a comprehensive test platform for validation, the developer needs a data set that resembles a production data set in both size and composition. In order to accomplish this, what type...

Which of the following is the sole responsibility of the cloud provider, regardless of which cloud model is used?A . PlatformB . DataC . Physical environmentD . InfrastructureView AnswerAnswer: C Explanation: Regardless of which cloud-hosting model is used, the cloud provider always has sole responsibility for the physical environment.

Which phase of the cloud data lifecycle would be the MOST appropriate for the use of DLP technologies to protect the data?A . UseB . StoreC . ShareD . CreateView AnswerAnswer: C Explanation: During the share phase, data is allowed to leave the application for consumption by other vendors, systems,...