ISC-CCSP

CCSP What's a potential problem when object storage versus volume storage is used within IaaS for application use and dependency?

CCSP Many aspects of cloud computing bring enormous benefits over a traditional data center, but also introduce new challenges unique to cloud computing.Which of the following aspects of cloud computing makes appropriate data classification of high importance?

CCSP Without the extensive funds of a large corporation, a small-sized company could gain considerable and cost-effective services for which of the following concepts by moving to a cloud environment?

CCSP BCDR strategies typically do not involve the entire operations of an organization, but only those deemed critical to their business.Which concept pertains to the amount of data and services needed to reach the predetermined level of operations?

CCSP Which of the following is NOT a commonly used communications method within cloud environments to secure data in transit?

CCSP Which crucial aspect of cloud computing can be most threatened by insecure APIs?

CCSP The WS-Security standards are built around all of the following standards except which one?

CCSP Which protocol, as a part of TLS, handles negotiating and establishing a connection between two parties?

CCSP BCDR strategies typically do not involve the entire operations of an organization, but only those deemed critical to their business.Which concept pertains to the required amount of time to restore services to the predetermined level?

CCSP Your company is in the planning stages of moving applications that have large data sets to a cloud environment.What strategy for data removal would be the MOST appropriate for you to recommend if costs and speed are primary considerations?

CCSP Which of the following is a management role, versus a technical role, as it pertains to data management and oversight?

CCSP IRM solutions allow an organization to place different restrictions on data usage than would otherwise be possible through traditional security controls.Which of the following controls would be possible with IRM that would not with traditional security controls?

CCSP Which data protection strategy would be useful for a situation where the ability to remove sensitive data from a set is needed, but a requirement to retain the ability to map back to the original values is also present?

CCSP A comprehensive BCDR plan will encapsulate many or most of the traditional concerns of operating a system in any data center.However, what is one consideration that is often overlooked with the formulation of a BCDR plan?

CCSP Which of the following is NOT one of the components of multifactor authentication?

CCSP Above and beyond general regulations for data privacy and protection, certain types of data are subjected to more rigorous regulations and oversight.Which of the following is not a regulatory framework for more sensitive or specialized data?

CCSP Which data sanitation method is also commonly referred to as "zeroing"?

CCSP What is the concept of isolating an application from the underlying operating system for testing purposes?

CCSP Which of the following could be used as a second component of multifactor authentication if a user has an RSA token?

CCSP Which of the following is NOT one of the official risk rating categories?

CCSP SOC Type 1 reports are considered "restricted use," in that they are intended only for limited audiences and purposes.Which of the following is NOT a population that would be appropriate for a SOC Type 1 report?

CCSP Having a reservation in a cloud environment can ensure operations continue in the event of high utilization across the cloud.Which of the following would NOT be a capability covered by reservations?

CCSP What must SOAP rely on for security since it does not provide security as a built-in capability?

CCSP With a federated identity system, what does the identity provider send information to after a successful authentication?

CCSP Which of the following technologies is NOT commonly used for accessing systems and services in a cloud environment in a secure manner?

CCSP Which component of ITIL involves handling anything that can impact services for either internal or public users?

CCSP Which protocol, as a part of TLS, handles the actual secure communications and transmission of data?

CCSP Which of the following terms is NOT a commonly used category of risk acceptance?

CCSP Many activities within a cloud environment are performed via programmatic means, where complex and distributed operations are handled without the need to perform each step individually.Which of the following concepts does this describe?

CCSP Being in a cloud environment, cloud customers lose a lot of insight and knowledge as to how their data is stored and their systems are deployed.Which concept from the ISO/IEC cloud standards relates to the necessity of the cloud provider to inform the cloud customer on these issues?