(ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests. Ben Malisow

(ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests - Ben Malisow


Скачать книгу
what phase of the Cloud Secure Data Lifecycle does data enter long-term storage?The firstThe secondThe fourthThe fifth

      30 What is a form of cloud storage where data is stored as objects, arranged in a hierarchal structure, like a file tree?Volume storageDatabasesContent delivery network (CDN)Object storage

      31 What is a form of cloud storage where data is stored in a logical storage area assigned to the user but not necessarily physically attached or even geographically proximate to the compute node the user is utilizing?Volume storageDatabasesContent delivery network (CDN)Object storage

      32 What is a form of cloud storage often used for streaming multimedia data to users?Volume storageDatabasesContent delivery network (CDN)Neutral storage

      33 What type of data storage is often used in platform as a service (PaaS) arrangements?EphemeralDatabaseLong-termNefarious

      34 What is a form of cloud data protection where data is spread across multiple storage devices/locations, similar to RAID in the legacy environment?InfringingData dispersionVoidingCrypto-shredding

      35 Erasure coding, in the cloud, is similar to what element of RAID implementations in a traditional IT environment?DeltasInversionParity bitsTransposition

      36 DLP (data loss prevention or data leak protection) solutions are implemented in the hopes of securing _______________.Sensitive data that may leave the organization’s controlAll data within the organization’s controlData being processed by the organization’s usersData that could be intercepted while out of the organization’s control

      37 Which of the following will DLP (data loss prevention or data leak protection) solutions most likely not inspect?Email contentFTP trafficMaterial saved to portable mediaVoice over Internet Protocol (VoIP) conversations

      38 DLP (data loss prevention or data leak protection) solutions may use all of the following techniques to identify sensitive data except _______________.Pattern matchingInferenceKeyword identificationMetadata tags

      39 You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. In which of the following cases would you not have to get permission from the cloud provider to install and implement the tool?If it’s hardware-based and your production environment is in an infrastructure as a service (IaaS) modelIf you purchased it from a vendor other than the cloud providerIf it’s software-based and your production environment is in a platform as a service (PaaS) modelIf it affects all guest instances on any given host device

      40 You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. Before implementing the solution, what should you explain to senior management?The additional risks of external attack associated with using the toolThe production impact it will have on the environmentWhat the price of the tool wasHow the solution works

      41 You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. Which of these activities should you perform before deploying the tool?Survey your company’s departments about the data under their control.Reconstruct your firewalls.Harden all your routers.Adjust the hypervisors.

      42 You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. What should you expect immediately following the implementation of the tool?Immediate decrease in lost dataA series of false-positive indicationsIncrease in morale across the organizationIncrease in gross revenue

      43 You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. What should you not expect the tool to address?Sensitive data sent inadvertently in user emailsSensitive data captured by screenshotsSensitive data moved to external devicesSensitive data in the contents of files sent via File Transfer Protocol (FTP)

      44 You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. In order to get truly holistic coverage of your environment, you should be sure to include ____________ as a step in the deployment process.Getting signed user agreements from all usersInstallation of the solution on all assets in the cloud data centerAdoption of the tool in all routers between your users and the cloud providerEnsuring that all your customers install the tool

      45 You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. In order to increase the security value of the tool, you should consider combining it with _______________.Digital rights management (DRM) and security event and incident management (SIEM) toolsAn investment in upgraded project management softwareDigital insurance policiesThe Uptime Institute’s Tier certification

      46 You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. You are interested in fielding the solution as an awareness tool to optimize security for your organization through conditioning user behavior. You decide to set the solution to _______________.Suspend user accounts and notify the security office when it detects possible sensitive data egress attempted by a userHalt the transaction and notify the user’s supervisor when the user attempts to transfer sensitive dataQuery the user as to whether they intend to send sensitive data upon detection of an attempted transferSever remote connections upon detection of a possible sensitive data transfer

      47 You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. You understand that all of the following aspects of cloud computing may make proper deployment of the tool difficult or costly except _______________.Data will not remain in one place or form in the cloudThe cloud environment will include redundant and resilient architectureThere will be a deleterious impact on production upon installing the toolYou might not have sufficient proper administrative rights in the cloud infrastructure

      48 Egress monitoring solutions can aid all of the following security-related efforts except _______________.Access controlData exfiltrationE-discovery/forensicsData categorization/classification

      49 The cloud security professional should be aware that encryption would most likely be necessary in all the following aspects of a cloud deployment except _______________.Data at restData in motionData in useData of relief

      50 As with the traditional IT environment, cloud data encryption includes all the following elements except _______________.The userThe data itselfThe encryption engineThe encryption keys

      51 Volume storage encryption in an infrastructure as a service (IaaS) arrangement will protect against data loss due to all of the following activities except _______________.Physical loss or theft of a deviceDisgruntled usersMalicious cloud administrators accessing the dataVirtual machine snapshots stolen from storage

      52 In an infrastructure as a service (IaaS) arrangement, all of the following are examples of object storage encryption except _______________.File-level encryptionDigital rights management (DRM)Application-level encryptionTransport Layer Security (TLS)

      53 All of the following are database encryption options that could be used in a platform as a service (PaaS) implementation except _______________.File-level encryptionSecure Sockets Layer (SSL)Transparent encryptionApplication-level encryption

      54 In application-level encryption, where does the encryption engine reside?In the application accessing the databaseIn the operating system on which the application is runWithin the database accessed by the applicationIn the volume where the database resides

      55 Which of the following database encryption techniques can be used to encrypt specific tables within the database?File-level encryptionTransparent encryptionApplication-level encryptionObject-level encryption

      56 Which of the following database encryption techniques makes it difficult to perform database functions (searches, indexing, etc.)?File-level encryptionTransparent encryptionApplication-level encryptionVolume encryption

      57 According


Скачать книгу