(ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests. Ben Malisow
what phase of the Cloud Secure Data Lifecycle does data enter long-term storage?The firstThe secondThe fourthThe fifth
30 What is a form of cloud storage where data is stored as objects, arranged in a hierarchal structure, like a file tree?Volume storageDatabasesContent delivery network (CDN)Object storage
31 What is a form of cloud storage where data is stored in a logical storage area assigned to the user but not necessarily physically attached or even geographically proximate to the compute node the user is utilizing?Volume storageDatabasesContent delivery network (CDN)Object storage
32 What is a form of cloud storage often used for streaming multimedia data to users?Volume storageDatabasesContent delivery network (CDN)Neutral storage
33 What type of data storage is often used in platform as a service (PaaS) arrangements?EphemeralDatabaseLong-termNefarious
34 What is a form of cloud data protection where data is spread across multiple storage devices/locations, similar to RAID in the legacy environment?InfringingData dispersionVoidingCrypto-shredding
35 Erasure coding, in the cloud, is similar to what element of RAID implementations in a traditional IT environment?DeltasInversionParity bitsTransposition
36 DLP (data loss prevention or data leak protection) solutions are implemented in the hopes of securing _______________.Sensitive data that may leave the organization’s controlAll data within the organization’s controlData being processed by the organization’s usersData that could be intercepted while out of the organization’s control
37 Which of the following will DLP (data loss prevention or data leak protection) solutions most likely not inspect?Email contentFTP trafficMaterial saved to portable mediaVoice over Internet Protocol (VoIP) conversations
38 DLP (data loss prevention or data leak protection) solutions may use all of the following techniques to identify sensitive data except _______________.Pattern matchingInferenceKeyword identificationMetadata tags
39 You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. In which of the following cases would you not have to get permission from the cloud provider to install and implement the tool?If it’s hardware-based and your production environment is in an infrastructure as a service (IaaS) modelIf you purchased it from a vendor other than the cloud providerIf it’s software-based and your production environment is in a platform as a service (PaaS) modelIf it affects all guest instances on any given host device
40 You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. Before implementing the solution, what should you explain to senior management?The additional risks of external attack associated with using the toolThe production impact it will have on the environmentWhat the price of the tool wasHow the solution works
41 You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. Which of these activities should you perform before deploying the tool?Survey your company’s departments about the data under their control.Reconstruct your firewalls.Harden all your routers.Adjust the hypervisors.
42 You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. What should you expect immediately following the implementation of the tool?Immediate decrease in lost dataA series of false-positive indicationsIncrease in morale across the organizationIncrease in gross revenue
43 You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. What should you not expect the tool to address?Sensitive data sent inadvertently in user emailsSensitive data captured by screenshotsSensitive data moved to external devicesSensitive data in the contents of files sent via File Transfer Protocol (FTP)
44 You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. In order to get truly holistic coverage of your environment, you should be sure to include ____________ as a step in the deployment process.Getting signed user agreements from all usersInstallation of the solution on all assets in the cloud data centerAdoption of the tool in all routers between your users and the cloud providerEnsuring that all your customers install the tool
45 You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. In order to increase the security value of the tool, you should consider combining it with _______________.Digital rights management (DRM) and security event and incident management (SIEM) toolsAn investment in upgraded project management softwareDigital insurance policiesThe Uptime Institute’s Tier certification
46 You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. You are interested in fielding the solution as an awareness tool to optimize security for your organization through conditioning user behavior. You decide to set the solution to _______________.Suspend user accounts and notify the security office when it detects possible sensitive data egress attempted by a userHalt the transaction and notify the user’s supervisor when the user attempts to transfer sensitive dataQuery the user as to whether they intend to send sensitive data upon detection of an attempted transferSever remote connections upon detection of a possible sensitive data transfer
47 You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. You understand that all of the following aspects of cloud computing may make proper deployment of the tool difficult or costly except _______________.Data will not remain in one place or form in the cloudThe cloud environment will include redundant and resilient architectureThere will be a deleterious impact on production upon installing the toolYou might not have sufficient proper administrative rights in the cloud infrastructure
48 Egress monitoring solutions can aid all of the following security-related efforts except _______________.Access controlData exfiltrationE-discovery/forensicsData categorization/classification
49 The cloud security professional should be aware that encryption would most likely be necessary in all the following aspects of a cloud deployment except _______________.Data at restData in motionData in useData of relief
50 As with the traditional IT environment, cloud data encryption includes all the following elements except _______________.The userThe data itselfThe encryption engineThe encryption keys
51 Volume storage encryption in an infrastructure as a service (IaaS) arrangement will protect against data loss due to all of the following activities except _______________.Physical loss or theft of a deviceDisgruntled usersMalicious cloud administrators accessing the dataVirtual machine snapshots stolen from storage
52 In an infrastructure as a service (IaaS) arrangement, all of the following are examples of object storage encryption except _______________.File-level encryptionDigital rights management (DRM)Application-level encryptionTransport Layer Security (TLS)
53 All of the following are database encryption options that could be used in a platform as a service (PaaS) implementation except _______________.File-level encryptionSecure Sockets Layer (SSL)Transparent encryptionApplication-level encryption
54 In application-level encryption, where does the encryption engine reside?In the application accessing the databaseIn the operating system on which the application is runWithin the database accessed by the applicationIn the volume where the database resides
55 Which of the following database encryption techniques can be used to encrypt specific tables within the database?File-level encryptionTransparent encryptionApplication-level encryptionObject-level encryption
56 Which of the following database encryption techniques makes it difficult to perform database functions (searches, indexing, etc.)?File-level encryptionTransparent encryptionApplication-level encryptionVolume encryption
57 According