ISC2 CCSP Free Practice Questions

NEW QUESTION 1

Impact resulting from risk being realized is often measured in terms of ______.

• A. Amount of data lost
• B. Money
• C. Amount of property lost
• D. Number of people affected

Answer: B

NEW QUESTION 2

You are the security manager for a small application development company. Your company is considering the use of the cloud for software testing purposes. Which cloud service model is most likely to suit your needs?
Response:

• A. IaaS
• B. PaaS
• C. SaaS
• D. LaaS

Answer: B

NEW QUESTION 3
What does nonrepudiation mean?
Response:

• A. Prohibiting certain parties from a private conversation
• B. Ensuring that a transaction is completed before saving the results
• C. Ensuring that someone cannot turn off auditing capabilities while performing a function
• D. Preventing any party that participates in a transaction from claiming that it did not

Answer: D

NEW QUESTION 4

Proper ______ need to be assigned to each data classification/category. Response:

• A. Dollar values
• B. Metadata
• C. Security controls
• D. Policies

Answer: C

NEW QUESTION 5

Which kind of SSAE audit report is a cloud customer most likely to receive from a cloud provider? Response:

• A. SOC 1 Type 1
• B. SOC 2 Type 2
• C. SOC 1 Type 2
• D. SOC 3

Answer: D

NEW QUESTION 6

Which of the following is NOT one of the security domains presented within the Cloud Controls Matrix? Response:

• A. Financial security
• B. Mobile security
• C. Data center security
• D. Interface security

Answer: A

NEW QUESTION 7

When a customer performs a penetration test in the cloud, why isn’t the test an optimum simu-lation of attack conditions?
Response:

• A. Attackers don’t use remote access for cloud activity
• B. Advanced notice removes the element of surprise
• C. When cloud customers use malware, it’s not the same as when attackers use malware
• D. Regulator involvement changes the attack surface

Answer: B

NEW QUESTION 8

When using transparent encryption of a database, where does the encryption engine reside? Response:

• A. At the application using the database
• B. On the instance(s) attached to the volume
• C. In a key management system
• D. Within the database

Answer: D

NEW QUESTION 9

You are the data manager for a retail company; you anticipate a much higher volume of sales activity in the final quarter of each calendar year than the other quarters.
In order to handle these increased transactions, and to accommodate the temporary sales personnel you will hire for only that time period, you consider augmenting your internal, on-premises production environment with a cloud capability for a specific duration, and will return to operating fully on-premises after the period of increased activity.
This is an example of ______.
Response:

• A. Cloud framing
• B. Cloud enhancement
• C. Cloud fragility
• D. Cloud bursting

Answer: D

NEW QUESTION 10

Which of the following would probably best aid an organization in deciding whether to migrate from a legacy environment to a particular cloud provider?
Response:

• A. Rate sheets comparing a cloud provider to other cloud providers
• B. Cloud provider offers to provide engineering assistance during the migration
• C. The cost/benefit measure of closing the organization’s relocation site (hot site/warm site) and using the cloud for disaster recovery instead
• D. SLA satisfaction surveys from other (current and past) cloud customers

Answer: D

NEW QUESTION 11

Which SSAE 16 report is purposefully designed for public release (for instance, to be posted on a company’s website)?
Response:

• A. SOC 1
• B. SOC 2, Type 1
• C. SOC 2, Type 2
• D. SOC 3

Answer: D

NEW QUESTION 12

Which of the following best describes data masking? Response:

• A. A method where the last few numbers in a dataset are not obscure
• B. These are often used for authentication.
• C. A method for creating similar but inauthentic datasets used for software testing and user training.
• D. A method used to protect prying eyes from data such as social security numbers and credit card data.
• E. Data masking involves stripping out all similar digits in a string of numbers so as to obscure the original number.

Answer: B

NEW QUESTION 13

Which technology is most associated with tunneling? Response:

• A. IPSec
• B. GRE
• C. IaaS
• D. XML

Answer: B

NEW QUESTION 14

A loosely coupled storage cluster will have performance and capacity limitations based on the ______.
Response:

• A. Physical backplane connecting it
• B. Total number of nodes in the cluster
• C. Amount of usage demanded
• D. The performance and capacity in each node

Answer: D

NEW QUESTION 15

When designing a cloud data center, which of the following aspects is not necessary to ensure continuity of operations during contingency operations?
Response:

• A. Access to clean water
• B. Broadband data connection
• C. Extended battery backup
• D. Physical access to the data center

Answer: C

NEW QUESTION 16

Which of the following is characterized by a set maximum capacity? Response:

• A. A secret-sharing-made-short (SSMS) bit-splitting implementation
• B. A tightly coupled cloud storage cluster
• C. A loosely coupled cloud storage cluster
• D. A public-key infrastructure

Answer: B

NEW QUESTION 17
......