ISC2 CCSP Free Practice Questions

NEW QUESTION 1

Which of the following is a method for apportioning resources that involves setting guaranteed minimums for all tenants/customers within the environment?
Response:

• A. Reservations
• B. Shares
• C. Cancellations
• D. Limits

Answer: A

NEW QUESTION 2

What are the phases of a software development lifecycle process model? Response:

• A. Planning and requirements analysis, define, design, develop, testing, and maintenance
• B. Define, planning and requirements analysis, design, develop, testing, and maintenance
• C. Planning and requirements analysis, define, design, testing, develop, and maintenance
• D. Planning and requirements analysis, design, define, develop, testing, and maintenance

Answer: A

NEW QUESTION 3

Resolving resource contentions in the cloud will most likely be the job of the ______.
Response:

• A. Router
• B. Emulator
• C. Regulator
• D. Hypervisor

Answer: D

NEW QUESTION 4

Each of the following is an element of the Identification phase of the identity and access management (IAM) process except ______.
Response:

• A. Provisioning
• B. Inversion
• C. Management
• D. Deprovisioning

Answer: B

NEW QUESTION 5

The Brewer-Nash security model is also known as which of the following? Response:

• A. MAC
• B. The Chinese Wall model
• C. Preventive measures
• D. RBAC

Answer: B

NEW QUESTION 6

What is the term that describes the situation when a malicious user/attacker can exit the restrictions of a single host and access other nodes on the network?
Response:

• A. Host escape
• B. Guest escape
• C. Provider exit
• D. Escalation of privileges

Answer: A

NEW QUESTION 7

DLP solutions can aid in deterring loss due to which of the following?
Response:

• A. Randomization
• B. Inadvertent disclosure
• C. Natural disaster
• D. Device failure

Answer: B

NEW QUESTION 8

You have been tasked by management to offload processing and validation of incoming encoded data from your application servers and their associated APIs. Which of the following would be the most appropriate device or software to consider?
Response:

• A. XML accelerator
• B. XML firewall
• C. Web application firewall
• D. Firewall

Answer: A

NEW QUESTION 9

Which of the following is not a security concern related to archiving data for long-term storage? Response:

• A. Long-term storage of the related cryptographic keys
• B. Format of the data
• C. Media the data resides on
• D. Underground depth of the storage facility

Answer: D

NEW QUESTION 10

The Cloud Security Alliance (CSA) Security, Trust, and Assurance Registry (STAR) program has ______ tiers.
Response:

• A. Two
• B. Three
• C. Four
• D. Eight

Answer: B

NEW QUESTION 11

Which of the following is the correct name for Tier II of the Uptime Institute Data Center Site Infrastructure Tier Standard Topology?

• A. Concurrently Maintainable Site Infrastructure
• B. Fault-Tolerant Site Infrastructure
• C. Basic Site Infrastructure
• D. Redundant Site Infrastructure Capacity Components

Answer: D

NEW QUESTION 12

Which kind of SSAE audit reviews controls dealing with the organization’s controls for assuring the confidentiality, integrity, and availability of data?
Response:

• A. SOC 1
• B. SOC 2
• C. SOC 3
• D. SOC 4

Answer: B

NEW QUESTION 13

Which of the following types of software is a Type 2 hypervisor dependent on that a Type 1 hypervisor isn’t? Response:

• A. VPN
• B. Firewall
• C. Operating system
• D. IDS

Answer: C

NEW QUESTION 14

A federated identity system is composed of three main components. Which of the following is NOT one of the three main components?
Response:

• A. Identity provider
• B. User
• C. Relying party
• D. API

Answer: D

NEW QUESTION 15

Which of the following is not typically included as a basic phase of the software development life cycle?

• A. Define
• B. Design
• C. Describe
• D. Develop

Answer: C

NEW QUESTION 16

Which type of cloud-based storage is IRM typically associated with? Response:

• A. Volume
• B. Unstructured
• C. Structured
• D. Object

Answer: D

NEW QUESTION 17
......