ISC-CCSP

CCSP What process is used within a clustered system to provide high availability and load balancing?

CCSP Which of the following is NOT a function performed by the handshake protocol of TLS?

CCSP Unlike SOC Type 1 reports, which are based on a specific point in time, SOC Type 2 reports are done over a period of time. What is the minimum span of time for a SOC Type 2 report?

CCSP What changes are necessary to application code in order to implement DNSSEC?

CCSP Which type of controls are the SOC Type 1 reports specifically focused on?

CCSP Which security concept is based on preventing unauthorized access to data while also ensuring that it is accessible to those authorized to use it?

CCSP Which of the following is NOT a domain of the Cloud Controls Matrix (CCM)?

CCSP Which security concept, if implemented correctly, will protect the data on a system, even if a malicious actor gains access to the actual system?

CCSP Which of the following is the sole responsibility of the cloud provider, regardless of which cloud model is used?

CCSP Which of the following is NOT a factor that is part of a firewall configuration?

CCSP Which of the cloud deployment models involves spanning multiple cloud environments or a mix of cloud hosting models?

CCSP Which of the following is NOT one of five principles of SOC Type 2 audits?

CCSP Which aspect of cloud computing makes data classification even more vital than in a traditional data center?

CCSP What concept does the "T" represent in the STRIDE threat model?

CCSP Which of the following would be a reason to undertake a BCDR test?

CCSP What is the biggest challenge to data discovery in a cloud environment?

CCSP Which crucial aspect of cloud computing can be most threatened by insecure APIs?

CCSP Which of the following should NOT be part of the requirement analysis phase of the software development lifecycle?

CCSP Which of the cloud cross-cutting aspects relates to the assigning of jobs, tasks, and roles, as well as to ensuring they are successful and properly performed?

CCSP Which regulatory system pertains to the protection of healthcare data?

CCSP Which aspect of cloud computing makes it very difficult to perform repeat audits over time to track changes and compliance?

CCSP Which security concept would business continuity and disaster recovery fall under?

CCSP Which of the following is NOT an application or utility to apply and enforce baselines on a system?

CCSP Which of the cloud cross-cutting aspects relates to the ability for a cloud customer to easily remove their applications and data from a cloud environment?

CCSP Which of the following is NOT a function performed by the record protocol of TLS?

CCSP What concept does the "R" represent with the DREAD model?

CCSP The SOC Type 2 reports are divided into five principles.Which of the five principles must also be included when auditing any of the other four principles?

CCSP How many additional DNS queries are needed when DNSSEC integrity checks are added?

CCSP Which of the following is the sole responsibility of the cloud customer, regardless of which cloud model is used?

CCSP Which of the following service categories entails the least amount of support needed on the part of the cloud customer?