ISC CCSP Exam Questions

Questions for the CCSP were updated on : Jun 17 ,2024

Page 1 out of 35. Viewing questions 1-15 out of 512

Question 1

Which of the following roles is responsible for creating cloud components and the testing and
validation of services?

  • A. Cloud auditor
  • B. Inter-cloud provider
  • C. Cloud service broker
  • D. Cloud service developer
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%

Explanation:
The cloud service developer is responsible for developing and creating cloud components and
services, as well as for testing and validating services.

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 2

What is the best source for information about securing a physical asset's BIOS?

  • A. Security policies
  • B. Manual pages
  • C. Vendor documentation
  • D. Regulations
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%

Explanation:
Vendor documentation from the manufacturer of the physical hardware is the best source of best
practices for securing the BIOS.

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 3

Which of the following is not a component of contractual PII?

  • A. Scope of processing
  • B. Value of data
  • C. Location of data
  • D. Use of subcontractors
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%

Explanation:
The value of data itself has nothing to do with it being considered a part of contractual

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 4

Which of the following concepts refers to a cloud customer paying only for the resources and
offerings they use within a cloud environment, and only for the duration that they are consuming
them?

  • A. Consumable service
  • B. Measured service
  • C. Billable service
  • D. Metered service
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%

Explanation:
Measured service is where cloud services are delivered and billed in a metered way, where the cloud
customer only pays for those that they actually use, and for the duration of time that they use them.

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 5

Which of the following roles involves testing, monitoring, and securing cloud services for an
organization?

  • A. Cloud service integrator
  • B. Cloud service business manager
  • C. Cloud service user
  • D. Cloud service administrator
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%

Explanation:
The cloud service administrator is responsible for testing cloud services, monitoring services,
administering security for services, providing usage reports on cloud services, and addressing
problem reports

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 6

What is the only data format permitted with the SOAP API?

  • A. HTML
  • B. SAML
  • C. XSML
  • D. XML
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%

Explanation:
The SOAP protocol only supports the XML data format.

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 7

Which data formats are most commonly used with the REST API?

  • A. JSON and SAML
  • B. XML and SAML
  • C. XML and JSON
  • D. SAML and HTML
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%

Explanation:
JavaScript Object Notation (JSON) and Extensible Markup Language (XML) are the most commonly
used data formats for the Representational State Transfer (REST) API, and are typically implemented
with caching for increased scalability and performance.

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8

Which of the following threat types involves an application that does not validate authorization for
portions of itself after the initial checks?

  • A. Injection
  • B. Missing function-level access control
  • C. Cross-site request forgery
  • D. Cross-site scripting
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%

Explanation:
It is imperative that an application perform checks when each function or portion of the application
is accessed, to ensure that the user is properly authorized to access it. Without continual checks each
time a function is accessed, an attacker could forge requests to access portions of the application
where authorization has not been granted.

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 9

Which of the following roles involves overseeing billing, purchasing, and requesting audit reports for
an organization within a cloud environment?

  • A. Cloud service user
  • B. Cloud service business manager
  • C. Cloud service administrator
  • D. Cloud service integrator
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%

Explanation:
The cloud service business manager is responsible for overseeing business and billing administration,
purchasing cloud services, and requesting audit reports when necessary

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10

What is the biggest concern with hosting a key management system outside of the cloud
environment?

  • A. Confidentiality
  • B. Portability
  • C. Availability
  • D. Integrity
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%

Explanation:
When a key management system is outside of the cloud environment hosting the application,
availability is a primary concern because any access issues with the encryption keys will render the
entire application unusable.

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 11

Which of the following approaches would NOT be considered sufficient to meet the requirements of
secure data destruction within a cloud environment?

  • A. Cryptographic erasure
  • B. Zeroing
  • C. Overwriting
  • D. Deletion
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%

Explanation:
Deletion merely removes the pointers to data on a system; it does nothing to actually remove and
sanitize the data. As such, the data remains in a recoverable state, and more secure methods are
needed to ensure it has been destroyed and is not recoverable by another party.

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 12

Which of the following cloud aspects complicates eDiscovery?

  • A. Resource pooling
  • B. On-demand self-service
  • C. Multitenancy
  • D. Measured service
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%

Explanation:
With multitenancy, eDiscovery becomes more complicated because the data collection involves extra
steps to ensure that only those customers or systems that are within scope are turned over to the
requesting authority.

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 13

What does the management plane typically utilize to perform administrative functions on the
hypervisors that it has access to?

  • A. Scripts
  • B. RDP
  • C. APIs
  • D. XML
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%

Explanation:
The functions of the management plane are typically exposed as a series of remote calls and function
executions and as a set of APIs. These APIs are typically leveraged through either a client or a web
portal, with the latter being the most common.

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 14

What is a serious complication an organization faces from the perspective of compliance with
international operations?

  • A. Different certifications
  • B. Multiple jurisdictions
  • C. Different capabilities
  • D. Different operational procedures
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%

Explanation:
When operating within a global framework, a security professional runs into a multitude of
jurisdictions and requirements, and many times they might be in contention with one other or not
clearly applicable. These requirements can include the location of the users and the type of data they
enter into systems, the laws governing the organization that owns the application and any regulatory
requirements they may have, as well as the appropriate laws and regulations for the jurisdiction
housing the IT resources and where the data is actually stored, which might be multiple jurisdictions
as well.

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 15

Which networking concept in a cloud environment allows for network segregation and isolation of IP
spaces?

  • A. PLAN
  • B. WAN
  • C. LAN
  • D. VLAN
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%

Explanation:
A virtual area network (VLAN) allows the logical separation and isolation of networks and IP spaces
to provide enhanced security and controls.

Discussions
vote your answer:
A
B
C
D
0 / 1000
To page 2