(ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests. Ben Malisow
user (administrators, managers, and so forth) accounts need to be reviewed more closely than basic user accounts. Why is this?
A. Privileged users have more encryption keys.
B. Regular users are more trustworthy.
C. There are extra controls on privileged user accounts.
D. Privileged users can cause more damage to the organization.
86. The additional review activities that might be performed for privileged user accounts could include all of the following except _______________.
A. Deeper personnel background checks
B. Review of personal financial accounts for privileged users
C. More frequent reviews of the necessity for access
D. Pat-down checks of privileged users to deter against physical theft
87. If personal financial account reviews are performed as an additional review control for privileged users, which of the following characteristics is least likely to be a useful indicator for review purposes?
A. Too much money in the account
B. Too little money in the account
C. The bank branch being used by the privileged user
D. Specific senders/recipients
88. How often should the accounts of privileged users be reviewed?
A. Annually
B. Twice a year
C. Monthly
D. More often than regular user account reviews
89. Privileged user account access should be _______________.
A. Temporary
B. Pervasive
C. Thorough
D. Granular
90. The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. According to the CSA’s Notorious Nine list, data breaches can be _______________.
A. Overt or covert
B. International or subterranean
C. From internal or external sources
D. Voluminous or specific
91. The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. According to the CSA, an organization that operates in the cloud environment and suffers a data breach may be required to _______________.
A. Notify affected users
B. Reapply for cloud service
C. Scrub all affected physical memory
D. Change regulatory frameworks
92. The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. According to the CSA, an organization that suffers a data breach might suffer all of the following negative effects except _______________.
A. Cost of compliance with notification laws
B. Loss of public perception/goodwill
C. Loss of market share
D. Cost of detection
93. The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. According to the CSA, in the event of a data breach, a cloud customer will likely need to comply with all the following data breach notification requirements except _______________.
A. Multiple state laws
B. Contractual notification requirements
C. All standards-based notification schemes
D. Any applicable federal regulations
94. The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. According to the CSA, data loss can be suffered as a result of _______________ activity.
A. Malicious or inadvertent
B. Casual or explicit
C. Web-based or stand-alone
D. Managed or independent
95. The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. According to the CSA, all of the following activity can result in data loss except _______________.
A. Misplaced crypto keys
B. Improper policy
C. Ineffectual backup procedures
D. Accidental overwrite
96. The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. According to the CSA, service traffic hijacking can affect which portion of the CIA triad?
A. Confidentiality
B. Integrity
C. Availability
D. All of the triad
97. The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. The CSA recommends the prohibition of _______________ in order to diminish the likelihood of account/service traffic hijacking.
A. All user activity
B. Sharing account credentials between users and services
C. Multifactor authentication
D. Interstate commerce
98. The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. According to the CSA, which aspect of cloud computing makes it particularly susceptible to account/service traffic hijacking?
A. Scalability
B. Metered service
C. Remote access
D. Pooled resources
99. The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. According to the CSA, what is one reason the threat of insecure interfaces and APIs is so prevalent in cloud computing?
A. Most of the cloud customer’s interaction with resources will be performed through APIs.
B. APIs are inherently insecure.
C. Attackers have already published vulnerabilities for all known APIs.
D. APIs are known carcinogens.
100. The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. According to the CSA, what is one reason the threat of insecure interfaces and APIs is so prevalent in cloud computing?
A. Cloud customers and third parties are continually enhancing and modifying APIs.
B. APIs can have automated settings.
C. It is impossible to uninstall APIs.
D. APIs are a form of malware.
101. The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. According to the CSA, what is one reason the threat of insecure interfaces and APIs is so prevalent in cloud computing?
A. APIs are always used for administrative access.
B. Customers perform many high-value tasks via APIs.
C. APIs are cursed.
D. It is impossible to securely code APIs.
102. The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. According to the CSA, why are denial of service (DoS) attacks such a significant threat to cloud operations?
A. DoS attackers operate internationally.
B. There are no laws against DoS attacks, so they are impossible to prosecute.
C. Availability issues prevent productivity in the cloud.
D. DoS attacks that can affect cloud providers are easy to launch.
103. The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. According to the CSA, what do we call denial of service (DoS) attacks staged from multiple machines against a specific target?
A. Invasive denial of service (IDoS)
B. Pervasive denial of service (PDoS)
C. Massive denial of service (MDoS)
D. Distributed denial of service (DDoS)
104. The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. According to the CSA, what aspect of managed cloud services makes the threat of malicious insiders so alarming?
A. Scalability
B. Multitenancy
C. Metered service
D. Flexibility
105. The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. According to the CSA, what aspect of managed cloud services makes the threat of abuse of cloud services so alarming from a management perspective?
A. Scalability
B. Multitenancy
C. Resiliency
D. Broadband connections
106. The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. According to the CSA, which of the following is not an aspect of due diligence that the cloud customer should be concerned with when considering a migration to a cloud provider?
A. Ensuring that any legacy applications are not dependent on internal security controls before moving them to the cloud environment
B. Reviewing all contractual elements to appropriately define each party’s roles, responsibilities, and requirements
C. Assessing the provider’s financial standing and soundness
D. Vetting the cloud provider’s administrators and personnel to ensure the same level of trust as the legacy environment
107. The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. A cloud customer that does not perform sufficient due diligence can suffer harm if the cloud provider they’ve selected goes out of business. What do we call this problem?
A. Vendor lock-in
B. Vendor lockout
C. Vendor incapacity
D. Unscaled
108. Which of the following is not a method for creating logical segmentation in a cloud data center?
A. Virtual local area networks (VLANs)
B. Network address translation (NAT)
C. Bridging
D. Hubs
109. According to (ISC)2, the lack/ambiguity of physical endpoints as individual network components in the cloud environment creates what kind of threat/concern?
A. The lack of defined endpoints makes it difficult to uniformly define, manage, and protect IT assets.
B. Without physical endpoints, it is impossible