CCSP Premium Bundle

Certified Cloud Security Professional Certification Exam

ISC2 CCSP Free Practice Questions

Exambible offers a free demo for the CCSP exam. "Certified Cloud Security Professional", also known as the CCSP exam, is an ISC2 certification. This set of posts, Passing the ISC2 CCSP exam, will help you answer those questions. The CCSP Questions & Answers cover all the knowledge points of the real exam. 100% real ISC2 CCSP exams, revised by experts!

Free demo questions for ISC2 CCSP Exam Dumps Below:

NEW QUESTION 1

You are the security subject matter expert (SME) for an organization considering a transition from the legacy environment into a hosted cloud provider’s data center.
One of the challenges you’re facing is whether the provider will have undue control over your data once it is within the provider’s data center; will the provider be able to hold your organization hostage because they have your data?
This is a(n) ______ issue. Response:

  • A. Interoperability
  • B. Portability
  • C. Availability
  • D. Security

Answer: B

NEW QUESTION 2

In the cloud motif, the data processor is usually: Response:

  • A. The party that assigns access rights
  • B. The cloud customer
  • C. The cloud provider
  • D. The cloud access security broker

Answer: C

NEW QUESTION 3

What are the six components that make up the STRIDE threat model? Response:

  • A. Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege
  • B. Spoofing, Tampering, Non-Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege
  • C. Spoofing, Tampering, Repudiation, Information Disclosure, Distributed Denial of Service, and Elevation of Privilege
  • D. Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Social Engineering

Answer: A

NEW QUESTION 4

Your company has just been served with an eDiscovery order to collect event data and other pertinent information from your application during a specific period of time, to be used as potential evidence for a court proceeding.
Which of the following, apart from ensuring that you collect all pertinent data, would be the MOST important consideration?
Response:

  • A. Encryption
  • B. Chain of custody
  • C. Compression
  • D. Confidentiality

Answer: B

NEW QUESTION 5

Setting thermostat controls by measuring the ______ temperature will result in the highest energy costs. Response:

  • A. Server inlet
  • B. Return air
  • C. Under-floor
  • D. External ambient

Answer: B

NEW QUESTION 6

Cloud environments are based entirely on virtual machines and virtual devices, and those images are also in need of storage within the environment. What type of storage is typically used for virtual images?
Response:

  • A. Volume
  • B. Structured
  • C. Unstructured
  • D. Object

Answer: D

NEW QUESTION 7

Which of the following practices can enhance both operational capabilities and configuration management efforts?
Response:

  • A. Regular backups
  • B. Constant uptime
  • C. Multifactor authentication
  • D. File hashes

Answer: D

NEW QUESTION 8

Managed cloud services exist because the service is less expensive for each customer than creating the same services for themselves in a legacy environment.
Using a managed service allows the customer to realize significant cost savings through the reduction of ______.
Response:

  • A. Risk
  • B. Security controls
  • C. Personnel
  • D. Data

Answer: C

NEW QUESTION 9

Which of the following is NOT one of the cloud computing activities, as outlined in ISO/IEC 17789? Response:

  • A. Cloud service provider
  • B. Cloud service partner
  • C. Cloud service administrator
  • D. Cloud service customer

Answer: C

NEW QUESTION 10

The Open Web Application Security Project (OWASP) Top Ten is a list of web application security threats that is composed by a member-driven OWASP committee of application development experts and published approximately every 24 months. The 2013 OWASP Top Ten list includes “cross-site scripting (XSS).”
Which of the following is not a method for reducing the risk of XSS attacks? Response:

  • A. Use an auto-escaping template system.
  • B. XML escape all identity assertions.
  • C. Sanitize HTML markup with a library designed for the purpose.
  • D. HTML escape JSON values in an HTML context and read the data with JSON.parse.

Answer: B

NEW QUESTION 11

Which security certification serves as a general framework that can be applied to any type of system or application?
Response:

  • A. ISO/IEC 27001
  • B. PCI DSS
  • C. FIPS 140-2
  • D. NIST SP 800-53

Answer: A

NEW QUESTION 12

An audit against the ______ will demonstrate that an organization has a holistic, comprehensive security program.
Response:

  • A. SAS 70 standard
  • B. SSAE 16 standard
  • C. SOC 2, Type 2 report matrix
  • D. ISO 27001 certification requirements

Answer: D

NEW QUESTION 13

Which of the following is not an enforceable governmental request? Response:

  • A. Warrant
  • B. Subpoena
  • C. Court order
  • D. Affidavit

Answer: D

NEW QUESTION 14

Log data should be protected ______.
Response:

  • A. One level below the sensitivity level of the systems from which it was collected
  • B. At least at the same sensitivity level as the systems from which it was collected
  • C. With encryption in transit, at rest, and in use
  • D. According to NIST guidelines

Answer: B

NEW QUESTION 15

______ is perhaps the main external factor driving IAM efforts. Response:

  • A. Regulation
  • B. Business need
  • C. The evolving threat landscape
  • D. Monetary value

Answer: A

NEW QUESTION 16

The cloud deployment model that features joint ownership of assets among an affinity group is known as: Response:

  • A. Private
  • B. Public
  • C. Hybrid
  • D. Community

Answer: D

NEW QUESTION 17
......
