ISC-CCSP

CCSP What is the first stage of the cloud data lifecycle where security controls can be implemented?

CCSP What controls the formatting and security settings of a volume storage system within a cloud environment?

CCSP What does SDN stand for within a cloud environment?

CCSP From a legal perspective, what is the most important first step after an eDiscovery order has been received by the cloud provider?

CCSP Which of the following would make it more likely that a cloud provider would be unwilling to satisfy specific certification requirements?

CCSP Which of the following pertains to fire safety standards within a data center, specifically with their enormous electrical consumption?

CCSP Which of the following roles involves the connection and integration of existing systems and services to a cloud environment?

CCSP Which technique involves replacing values within a specific data field to protect sensitive data?

CCSP What expectation of data custodians is made much more challenging by a cloud implementation, especially with PaaS or SaaS?

CCSP What type of PII is controlled based on laws and carries legal penalties for noncompliance with requirements?

CCSP Which if the following is NOT one of the three components of a federated identity system transaction?

CCSP Which value refers to the amount of time it takes to recover operations in a BCDR situation to meet management's objectives?

CCSP Which of the cloud deployment models requires the cloud customer to be part of a specific group or organization in order to host cloud services within it?

CCSP What provides the information to an application to make decisions about the authorization level appropriate when granting access?

CCSP What is a standard configuration and policy set that is applied to systems and virtual machines called?

CCSP Which entity requires all collection and storing of data on their citizens to be done on hardware that resides within their borders?

CCSP Which of the cloud cross-cutting aspects relates to the ability to easily move services and applications between different cloud providers?

CCSP Which type of audit report is considered a "restricted use" report for its intended audience?

CCSP What is the concept of segregating information or processes, within the same system or application, for security reasons?

CCSP The European Union passed the first major regulation declaring data privacy to be a human right. In what year did it go into effect?

CCSP Which of the following is NOT a key area for performance monitoring as far as an SLA is concerned?

CCSP Which of the following is the MOST important requirement and guidance for testing during an audit?

CCSP Which value refers to the amount of data an organization would need to recover in the event of a BCDR situation in order to reach an acceptable level of operations?

CCSP What must SOAP rely on for security?

CCSP Which of the following is a commonly used tool for maintaining system configurations?

CCSP What type of data does data rights management (DRM) protect?

CCSP Which type of testing uses the same strategies and toolsets that hackers would use?

CCSP From a security perspective, which of the following is a major concern when evaluating possible BCDR solutions?

CCSP Which of the following is NOT a focus or consideration of an internal audit?

CCSP Which of the following is the sole responsibility of the cloud customer, regardless of which cloud model is used?