ISC-CCSP

CCSP Three central concepts define what type of data and information an organization is responsible for pertaining to eDiscovery.Which of the following are the three components that comprise required disclosure?

CCSP Which of the following threat types involves the sending of commands or arbitrary data through input fields in an application in an attempt to get that code executed as part of normal processing?

CCSP With a cloud service category where the cloud customer is responsible for deploying all services, systems, and components needed for their applications, which of the following storage types are MOST likely to be available to them?

CCSP Which of the following roles would be responsible for managing memberships in federations and the use and integration of federated services?

CCSP Which data state would be most likely to use TLS as a protection mechanism?

CCSP You are working for a cloud service provider and receive an eDiscovery order pertaining to one of your customers.Which of the following would be the most appropriate action to take first?

CCSP If a cloud computing customer wishes to guarantee that a minimum level of resources will always be available, which of the following set of services would compromise the reservation?

CCSP Which of the following threat types can occur when baselines are not appropriately applied or when unauthorized changes are made?

CCSP Which of the following is considered an internal redundancy for a data center?

CCSP Which of the following threat types involves the sending of invalid and manipulated requests through a user's client to execute commands on the application under their own credentials?

CCSP With finite resources available within a cloud, even the largest cloud providers will at times need to determine which customers will receive additional resources first.What is the term associated with this determination?

CCSP In order to comply with regulatory requirements, which of the following secure erasure methods would be available to a cloud customer using volume storage within the IaaS service model?

CCSP Where is a DLP solution generally installed when utilized for monitoring data in use?

CCSP Which of the following aspects of cloud computing would make it more likely that a cloud provider would be unwilling to satisfy specific certification requirements?

CCSP Which phase of the cloud data lifecycle would be the MOST appropriate for the use of DLP technologies to protect the data?

CCSP During which phase of the cloud data lifecycle is it possible for the classification of data to change?

CCSP If a key feature of cloud computing that your organization desires is the ability to scale and expand without limit or concern about available resources, which cloud deployment model would you MOST likely be considering?

CCSP What is a serious complication an organization faces from the compliance perspective with international operations?

CCSP ISO/IEC has established international standards for many aspects of computing and any processes or procedures related to information technology.Which ISO/IEC standard has been established to provide a framework for handling eDiscovery processes?

CCSP If a company needed to guarantee through contract and SLAs that a cloud provider would always have available sufficient resources to start their services and provide a certain level of provisioning, what would the contract need to refer to?

CCSP Many aspects and features of cloud computing can make eDiscovery compliance more difficult or costly.Which aspect of cloud computing would be the MOST complicating factor?

CCSP A crucial decision any company must make is in regard to where it hosts the data systems it depends on. A debate exists as to whether it's best to lease space in a data center or build your own data center--and now with cloud computing, whether to purchase resources within a cloud.What is the biggest advantage to leasing space in a data center versus procuring cloud services?

CCSP Which of the following systems is used to employ a variety of different techniques to discover and alert on threats and potential threats to systems and networks?

CCSP Which of the following is not a risk management framework?

CCSP In order to ensure ongoing compliance with regulatory requirements, which phase of the cloud data lifecycle must be tested regularly?

CCSP Which of the following threat types involves leveraging a user's browser to send untrusted data to be executed with legitimate access via the user's valid credentials?

CCSP Digital investigations have adopted many of the same methodologies and protocols as other types of criminal or scientific inquiries.What term pertains to the application of scientific norms and protocols to digital investigations?

CCSP Within a federated identity system, which entity accepts tokens from the identity provider?

CCSP Different types of audits are intended for different audiences, such as internal, external, regulatory, and so on.Which of the following audits are considered "restricted use" versus being for a more broad audience?

CCSP Although host-based and network-based IDSs perform similar functions and have similar capabilities, which of the following is an advantage of a network-basedIDS over a host-based IDS, assuming all capabilities are equal?