ISC-CCSP

CCSP DNSSEC was designed to add a layer of security to the DNS protocol.Which type of attack was the DNSSEC extension designed to mitigate?

CCSP Which aspect of cloud computing pertains to cloud customers only paying for the resources and services they actually use?

CCSP Many of the traditional concepts of systems and services for a traditional data center also apply to the cloud. Both are built around key computing concepts.Which of the following compromise the two facets of computing?

CCSP With a cloud service category where the cloud customer is provided a full application framework into which to deploy their code and services, which storage types are MOST likely to be available to them?

CCSP Firewalls are used to provide network security throughout an enterprise and to control what information can be accessed--and to a certain extent, through what means.Which of the following is NOT something that firewalls are concerned with?

CCSP Within an IaaS implementation, which of the following would NOT be a metric used to quantify service charges for the cloud customer?

CCSP Many different common threats exist against web-exposed services and applications. One attack involves attempting to leverage input fields to execute queries in a nested fashion that is unintended by the developers.What type of attack is this?

CCSP For service provisioning and support, what is the ideal amount of interaction between a cloud customer and cloud provider?

CCSP What does a cloud customer purchase or obtain from a cloud provider?

CCSP Which phase of the cloud data lifecycle represents the first instance where security controls can be implemented?

CCSP You were recently hired as a project manager at a major university to implement cloud services for the academic and administrative systems. Because the load and demand for services at a university are very cyclical in nature, commensurate with the academic calendar, which of the following aspects of cloud computing would NOT be a primary benefit to you?

CCSP Which cloud deployment model is MOST likely to offer free or very cheap services to users?

CCSP Where is a DLP solution generally installed when utilized for monitoring data in transit?

CCSP With IaaS, what is responsible for handling the security and control over the volume storage space?

CCSP Configurations and policies for a system can come from a variety of sources and take a variety of formats. Which concept pertains to the application of a set of configurations and policies that is applied to all systems or a class of systems?

CCSP Which of the following tasks within a SaaS environment would NOT be something the cloud customer would be responsible for?

CCSP An SLA contains the official requirements for contract performance and satisfaction between the cloud provider and cloud customer.Which of the following would NOT be a component with measurable metrics and requirements as part of an SLA?

CCSP Within a federated identity system, which of the following would you be MOST likely to use for sending information for consumption by a relying party?

CCSP Which data state would be most likely to use digital signatures as a security protection mechanism?

CCSP There is a large gap between the privacy laws of the United States and those of the European Union. Bridging this gap is necessary for American companies to do business with European companies and in European markets in many situations, as the American companies are required to comply with the stricter requirements.Which US program was designed to help companies overcome these differences?

CCSP Audits are either done based on the status of a system or application at a specific time or done as a study over a period of time that takes into account changes and processes.Which of the following pairs matches an audit type that is done over time, along with the minimum span of time necessary for it?

CCSP With software-defined networking (SDN), which two types of network operations are segregated to allow for granularity and delegation of administrative access and functions?

CCSP Along with humidity, temperature is crucial to a data center for optimal operations and protection of equipment.Which of the following is the optimal temperature range as set by ASHRAE?

CCSP Which of the following statements best describes a Type 1 hypervisor?

CCSP Which cloud storage type resembles a virtual hard drive and can be utilized in the same manner and with the same type of features and capabilities?

CCSP Which aspect of SaaS will alleviate much of the time and energy organizations spend on compliance (specifically baselines)?

CCSP Many tools and technologies are available for securing or monitoring data in transit within a data center, whether it is a traditional data center or a cloud.Which of the following is NOT a technology for securing data in transit?

CCSP With a federated identity system, where would a user perform their authentication when requesting services or application access?

CCSP Where is an XML firewall most commonly and effectively deployed in the environment?

CCSP Modern web service systems are designed for high availability and resiliency. Which concept pertains to the ability to detect problems within a system, environment, or application and programmatically invoke redundant systems or processes for mitigation?