Get 100% Authentic ISC CCSP Dumps with Correct Answers [Q223-Q243]

New Training Course CCSP Tutorial Preparation Guide

NEW QUESTION # 223
Every cloud service provider that opts to join the CSA STAR program registry must complete a ___________.

  • A. NIST 800-37 RMF audit
  • B. SOC 2, Type 2 audit report
  • C. Consensus Assessment Initiative Questionnaire (CAIQ)
  • D. ISO 27001 ISMS review

Answer: C


NEW QUESTION # 224
With a federated identity system, what does the identity provider send information to after a successful authentication?

  • A. Service relay
  • B. Service relay
  • C. Service originator
  • D. Relying party

Answer: D

Explanation:
Upon successful authentication, the identity provider sends an assertion with appropriate attributes to the relying party to grant access and assign appropriate roles to the user. The other terms provided are similar sounding to the correct term but are not actual components of a federated system.


NEW QUESTION # 225
A loosely coupled storage cluster will have performance and capacity limitations based on the ____________.

  • A. Total number of nodes in the cluster
  • B. Amount of usage demanded
  • C. The performance and capacity in each node
  • D. Physical backplane connecting it

Answer: C


NEW QUESTION # 226
Which of the following aspects of cloud computing would make it more likely that a cloud provider would be unwilling to satisfy specific certification requirements?

  • A. Resource pooling
  • B. Virtualization
  • C. Regulation
  • D. Multitenancy

Answer: D

Explanation:
With cloud providers hosting a number of different customers, it would be impractical for them to pursue additional certifications based on the needs of a specific customer. Cloud environments are built to a common denominator to serve the greatest number of customers. Especially within a public cloud model, it is not possible or practical for a cloud provider to alter its services for specific customer demands. Resource pooling and virtualization within a cloud environment would be the same for all customers, and would not impact certifications that a cloud provider might be willing to pursue. Regulations would form the basis for certification problems and would be a reason for a cloud provider to pursue specific certifications to meet customer requirements.


NEW QUESTION # 227
Which of the following standards primarily pertains to cabling designs and setups in a data center?

  • A. IDCA
  • B. BICSI
  • C. Uptime Institute
  • D. NFPA

Answer: B

Explanation:
The standards put out by Building Industry Consulting Service International (BICSI) primarily cover complex cabling designs and setups for data centers, but also include specifications on power, energy efficiency, and hot/cold aisle setups.


NEW QUESTION # 228
Which of the following is NOT one of the main intended goals of a DLP solution?

  • A. Regulatory compliance
  • B. Showing due diligence
  • C. Managing and minimizing risk
  • D. Preventing malicious insiders

Answer: D

Explanation:
Data loss prevention (DLP) extends the capabilities for data protection beyond the standard and traditional security controls that are offered by operating systems, application containers, and network devices. DLP is not specifically implemented to counter malicious insiders, and would not be particularly effective in doing so, because a malicious insider with legitimate access would have other ways to obtain data. DLP is a set of practices and controls to manage and minimize risk, comply with regulatory requirements, and show due diligence with the protection of data.


NEW QUESTION # 229
Which of the following is not a feature of SAST?

  • A. Highly skilled, often expensive outside consultants
  • B. Source code review
  • C. "White-box" testing
  • D. Team-building efforts

Answer: D


NEW QUESTION # 230
What concept does the "R" represent with the DREAD model?

  • A. Repudiation
  • B. Reproducibility
  • C. Residual
  • D. Risk

Answer: B

Explanation:
Reproducibility is the measure of how easy it is to reproduce and successfully use an exploit. Scoring within the DREAD model ranges from 0, signifying a nearly impossible exploit, up to 10, which signifies something that anyone could exploit from a simple function call, such as a URL.


NEW QUESTION # 231
When an organization is considering a cloud environment for hosting BCDR solutions, which of the following would be the greatest concern?

  • A. Availability
  • B. Resource pooling
  • C. Location
  • D. Self-service

Answer: C

Explanation:
If an organization wants to use a cloud service for BCDR, the location of the cloud hosting becomes a very important security consideration due to regulations and jurisdiction, which could be dramatically different from the organization's normal hosting locations. Availability is a hallmark of any cloud service provider, and likely will not be a prime consideration when an organization is considering using a cloud for BCDR; the same goes for self-service options. Resource pooling is common among all cloud systems and would not be a concern when an organization is dealing with the provisioning of resources during a disaster.


NEW QUESTION # 232
Which of the following are distinguishing characteristics of a managed service provider?

  • A. Be able to remotely monitor and manage objects for the customer and proactively maintain these objects under management.
  • B. Have some form of a NOC but no help desk.
  • C. Have some form of a help desk but no NOC.
  • D. Be able to remotely monitor and manage objects for the customer and reactively maintain these objects under management.

Answer: A

Explanation:
According to the MSP Alliance, typically MSPs have the following distinguishing characteristics:
- Have some form of NOC service
- Have some form of help desk service
- Can remotely monitor and manage all or a majority of the objects for the customer
- Can proactively maintain the objects under management for the customer
- Can deliver these solutions with some form of predictable billing model, where the customer knows with great accuracy what her regular IT management expense will be


NEW QUESTION # 233
What principle must always be included with an SOC 2 report?

  • A. Confidentiality
  • B. Security
  • C. Privacy
  • D. Processing integrity

Answer: B


NEW QUESTION # 234
Different security testing methodologies offer different strategies and approaches to testing systems, requiring security personnel to determine the best type to use for their specific circumstances.
What does dynamic application security testing (DAST) NOT entail that SAST does?

  • A. Knowledge of the system
  • B. Probing
  • C. Scanning
  • D. Discovery

Answer: A

Explanation:
Dynamic application security testing (DAST) is considered "black-box" testing and begins with no inside knowledge of the application or its configurations. Everything about it must be discovered during its testing. As with most types of testing, dynamic application security testing (DAST) involves probing, scanning, and a discovery process for system information.


NEW QUESTION # 235
Which of the following represents a minimum guaranteed resource within a cloud environment for the cloud customer?

  • A. Reservation
  • B. Limit
  • C. Provision
  • D. Share

Answer: A

Explanation:
A reservation is a minimum resource that is guaranteed to a customer within a cloud environment. Within a cloud, a reservation can pertain to the two main aspects of computing: memory and processor. With a reservation in place, the cloud provider guarantees that a cloud customer will always have at minimum the necessary resources available to power on and operate any of their services.


NEW QUESTION # 236
Which of the following is NOT considered a type of data loss?

  • A. Stolen by hackers
  • B. Lost or destroyed encryption keys
  • C. Accidental deletion
  • D. Data corruption

Answer: A

Explanation:
The exposure of data by hackers is considered a data breach. Data loss focuses on the data availability rather than security. Data loss occurs when data becomes lost, unavailable, or destroyed, when it should not have been.


NEW QUESTION # 237
From the perspective of compliance, what is the most important consideration when it comes to data center location?

  • A. Personnel access
  • B. Natural disasters
  • C. Jurisdiction
  • D. Utility access

Answer: C

Explanation:
Jurisdiction will dictate much of the compliance and audit requirements for a data center. Although all the aspects listed are very important to security, from a strict compliance perspective, jurisdiction is the most important. Personnel access, natural disasters, and utility access are all important operational considerations for selecting a data center location, but they are not related to compliance issues like jurisdiction is.


NEW QUESTION # 238
Your company maintains an on-premises data center for daily production activities but wants to use a cloud service to augment this capability during times of increased demand (cloud bursting).
Which deployment model would probably best suit the company's needs?

  • A. Private
  • B. Public
  • C. Hybrid
  • D. Community

Answer: C


NEW QUESTION # 239
What does the REST API support that SOAP does NOT support?

  • A. Acceleration
  • B. Caching
  • C. Encryption
  • D. Redundancy

Answer: B

Explanation:
The SOAP protocol does not support caching, whereas the REST API does.


NEW QUESTION # 240
Countermeasures for protecting cloud operations against internal threats include all of the following except:

  • A. Hardened perimeter devices
  • B. Extensive and comprehensive training programs, including initial, recurring, and refresher sessions
  • C. Aggressive background checks
  • D. Skills and knowledge testing

Answer: A

Explanation:
Hardened perimeter devices are more useful at attenuating the risk of external attack.


NEW QUESTION # 241
The most pragmatic option for data disposal in the cloud is which of the following?

  • A. Cold fusion
  • B. Cryptoshredding
  • C. Melting
  • D. Overwriting

Answer: B

Explanation:
We don't have physical ownership, control, or even access to the devices holding the data, so physical destruction, including melting, is not an option. Overwriting is a possibility, but it is complicated by the difficulty of locating all the sectors and storage areas that might have contained our data, and by the likelihood that constant backups in the cloud increase the chance we'll miss something as it's being overwritten. Cryptoshredding is the only reasonable alternative. Cold fusion is a red herring.


NEW QUESTION # 242
Although host-based and network-based IDSs perform similar functions and have similar capabilities, which of the following is an advantage of a network-based IDS over a host-based IDS, assuming all capabilities are equal?

  • A. Segregated from host systems
  • B. Network access
  • C. Scalability
  • D. External to system patching

Answer: A

Explanation:
A network-based IDS has the advantage of being segregated from host systems, and as such, it would not be open to compromise in the same manner a host-based system would be. Although a network-based IDS would be external to system patching, this is not the best answer here because it is a minor concern compared to segregation due to possible host compromise. Scalability is also not the best answer because, although a network-based IDS does remove processing from the host system, it is not a primary security concern. Network access is not a consideration because both a host-based IDS and a network-based IDS would have access to network resources.


NEW QUESTION # 243
......

Dumps of CCSP Cover all the requirements of the Real Exam: https://www.fast2test.com/CCSP-premium-file.html

Correct Practice Tests of CCSP Dumps with Practice Exam: https://drive.google.com/open?id=1oQmcd51woSbHElfL1X7zxmkIwoNpqm_8
