Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home ISC CCSP

ISC CCSP Exam Practice Questions (P. 3)

  • Full Access (512 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #21
Within an Infrastructure as a Service model, which of the following would NOT be a measured service?
  1. A
    CPU
  2. B
    Storage
  3. C
    Number of users
  4. D
    Memory

Correct Answer:
C
Within IaaS, the number of users on a system is not relevant to the particular hosting model in regard to cloud resources. IaaS is focused on infrastructure needs of a system or application. Therefore, a factor such as the number of users that could affect licensing requirements, for example, would apply to the SaaS model, or in some instances to PaaS.

Question #22
Which of the following is NOT a criterion for data within the scope of eDiscovery?
  1. A
    Possession
  2. B
    Custody
  3. C
    Control
  4. D
    Archive

Correct Answer:
D
eDiscovery pertains to information and data that is in the possession, control, and custody of an organization.

Question #23
Which United States law is focused on accounting and financial practices of organizations?
  1. A
    Safe Harbor
  2. B
    GLBA
  3. C
    SOX
  4. D
    HIPAA

Correct Answer:
C
The Sarbanes-Oxley (SOX) Act is not an act that pertains to privacy or IT security directly, but rather regulates accounting and financial practices used by organizations. It was passed to protect stakeholders and shareholders from improper practices and errors, and it sets forth rules for compliance, regulated and enforced by the Securities and Exchange Commission (SEC). The main influence on IT systems and operations is the requirements it sets for data retention, specifically in regard to what types of records must be preserved and for how long.

Question #24
What type of masking strategy involves making a separate and distinct copy of data with masking in place?
  1. A
    Dynamic
  2. B
    Replication
  3. C
    Static
  4. D
    Duplication

Correct Answer:
C
With static masking, a separate and distinct copy of the data set is created with masking in place. This is typically done through a script or other process that takes a standard data set, processes it to mask the appropriate and predefined fields, and then outputs the data set as a new one with the completed masking done.

Question #25
Which of the following storage types is most closely associated with a database-type storage implementation?
  1. A
    Object
  2. B
    Unstructured
  3. C
    Volume
  4. D
    Structured

Correct Answer:
D
Structured storage involves organized and categorized data, which most closely resembles and operates like a database system would.

Question #26
Which of the following roles is responsible for overseeing customer relationships and the processing of financial transactions?
  1. A
    Cloud service manager
  2. B
    Cloud service deployment
  3. C
    Cloud service business manager
  4. D
    Cloud service operations manager

Correct Answer:
C
The cloud service business manager is responsible for overseeing business plans and customer relationships as well as processing financial transactions.

Question #27
Which protocol does the REST API depend on?
  1. A
    HTTP
  2. B
    XML
  3. C
    SAML
  4. D
    SSH

Correct Answer:
A
Representational State Transfer (REST) is a software architectural scheme that applies the components, connectors, and data conduits for many web applications used on the Internet. It uses and relies on the HTTP protocol and supports a variety of data formats.

Question #28
Which United States program was designed to enable organizations to bridge the gap between privacy laws and requirements of the United States and the
European Union?
  1. A
    GLBA
  2. B
    HIPAA
  3. C
    Safe Harbor
  4. D
    SOX

Correct Answer:
C
Due to the lack of an adequate privacy law or protection at the federal level in the United States, European privacy regulations generally prohibit the exporting or sharing of PII from Europe with the United States. Participation in the Safe Harbor program is voluntary on behalf of an organization, but it does require them to conform to specific requirements and policies that mirror those from the EU. Thus, organizations can fulfill requirements for data sharing and export and possibly serve customers in the EU.

Question #29
What is the biggest benefit to leasing space in a data center versus building or maintain your own?
  1. A
    Certification
  2. B
    Costs
  3. C
    Regulation
  4. D
    Control

Correct Answer:
B
When leasing space in a data center, an organization can avoid the enormous startup and building costs associated with a data center, and can instead leverage economies of scale by grouping with other organizations and sharing costs.

Question #30
Which of the following security measures done at the network layer in a traditional data center are also applicable to a cloud environment?
  1. A
    Dedicated switches
  2. B
    Trust zones
  3. C
    Redundant network circuits
  4. D
    Direct connections

Correct Answer:
B
Trust zones can be implemented to separate systems or tiers along logical lines for great security and access controls. Each zone can then have its own security controls and monitoring based on its particular needs.

Previous Questions Next Questions

All Pages