Free Practice Questions for ISC2 CCSP Exam

Which of the following is NOT one of the main intended goals of a DLP solution?

• Showing due diligence
  
• Preventing malicious insiders
  
• Regulatory compliance
  
• Managing and minimizing risk
  

Which aspect of cloud computing makes data classification even more vital than in a traditional data center?

• Interoperability
  
• Virtualization
  
• Multitenancy
  
• Portability
  

What type of PII is controlled based on laws and carries legal penalties for noncompliance with requirements?

• Contractual
  
• Regulated
  
• Specific
  
• Jurisdictional
  

Which of the following is considered an external redundancy for a data center?

• Power feeds to rack
  
• Generators
  
• Power distribution units
  
• Storage systems
  

Which of the following threat types involves an application that does not validate authorization for portions of itself beyond when the user first enters it?

• Cross-site request forgery
  
• Missing function-level access control
  
• Injection
  
• Cross-site scripting
  

What type of security threat is DNSSEC designed to prevent?

• Account hijacking
  
• Snooping
  
• Spoofing
  
• Injection
  

Which cloud deployment model is MOST likely to offer free or very cheap services to users?

• Hybrid
  
• Community
  
• Public
  
• Private
  

Which of the following service capabilities gives the cloud customer the least amount of control over configurations and deployments?

• Platform
  
• Infrastructure
  
• Software
  
• Desktop
  

Which of the following is considered an internal redundancy for a data center?

• Power feeds
  
• Chillers
  
• Network circuits
  
• Generators
  

When using a PaaS solution, what is the capability provided to the customer?

• To deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages, libraries, services, and tools that the provider supports. The provider does not manage or control the underlying cloud infrastructure, including network, servers, operating systems, or storage, but has control over the deployed applications and possibly configuration settings for the application-hosting environment.
  
• To deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages, libraries, services, and tools that the provider supports. The consumer does not manage or control the underlying cloud infrastructure, including network, servers, operating systems, or storage, but has control over the deployed applications and possibly configuration settings for the application-hosting environment.
  
• To deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages, libraries, services, and tools that the consumer supports. The consumer does not manage or control the underlying cloud infrastructure, including network, servers, operating systems, or storage, but has control over the deployed applications and possibly configuration settings for the application-hosting environment.
  
• To deploy onto the cloud infrastructure provider-created or acquired applications created using programming languages, libraries, services, and tools that the provider supports. The consumer does not manage or control the underlying cloud infrastructure, including network, servers, operating systems, or storage, but has control over the deployed applications and possibly configuration settings for the application-hosting environment.