최신ISC Certified Cloud Security Professional - CCSP무료샘플문제
문제1
Which of the following represents a minimum guaranteed resource within a cloud environment for the cloud customer?
Which of the following represents a minimum guaranteed resource within a cloud environment for the cloud customer?
정답: C
설명: (KoreaDumps 회원만 볼 수 있음)
문제2
Which phase of the cloud data lifecycle involves processing by a user or application?
Which phase of the cloud data lifecycle involves processing by a user or application?
정답: D
문제3
What type of solution is at the core of virtually all directory services?
What type of solution is at the core of virtually all directory services?
정답: D
설명: (KoreaDumps 회원만 볼 수 있음)
문제4
You are a consultant performing an external security review on a large manufacturing firm. You determine that its newest assembly plant, which cost $24 million, could be completely destroyed by a fire but that a fire suppression system could effectively protect the plant. The fire suppression system costs $15 million. An insurance policy that would cover the full replacement cost of the plant costs $1 million per month. In order to establish the true annualized loss expectancy (ALE), you would need all of the following information except ____________.
You are a consultant performing an external security review on a large manufacturing firm. You determine that its newest assembly plant, which cost $24 million, could be completely destroyed by a fire but that a fire suppression system could effectively protect the plant. The fire suppression system costs $15 million. An insurance policy that would cover the full replacement cost of the plant costs $1 million per month. In order to establish the true annualized loss expectancy (ALE), you would need all of the following information except ____________.
정답: B
문제5
Which aspect of archiving must be tested regularly for the duration of retention requirements?
Which aspect of archiving must be tested regularly for the duration of retention requirements?
정답: C
설명: (KoreaDumps 회원만 볼 수 있음)
문제6
What is the major difference between authentication/authorization?
Response:
What is the major difference between authentication/authorization?
Response:
정답: C
문제7
You work for a government research facility. Your organization often shares data with other government research organizations.
You would like to create a single sign-on experience across the organizations, where users at each organization can sign in with the user ID/authentication issued by that organization, then access research data in all the other organizations.
Instead of replicating the data stores of each organization at every other organization (which is one way of accomplishing this goal), you instead want every user to have access to each organization's specific storage resources.
In order to pass the user IDs and authenticating credentials of each user among the organizations, what protocol/language/motif will you most likely utilize?
Response:
You work for a government research facility. Your organization often shares data with other government research organizations.
You would like to create a single sign-on experience across the organizations, where users at each organization can sign in with the user ID/authentication issued by that organization, then access research data in all the other organizations.
Instead of replicating the data stores of each organization at every other organization (which is one way of accomplishing this goal), you instead want every user to have access to each organization's specific storage resources.
In order to pass the user IDs and authenticating credentials of each user among the organizations, what protocol/language/motif will you most likely utilize?
Response:
정답: C
문제8
Which type of controls are the SOC Type 1 reports specifically focused on?
Which type of controls are the SOC Type 1 reports specifically focused on?
정답: D
설명: (KoreaDumps 회원만 볼 수 있음)
문제9
Although performing BCDR tests at regular intervals is a best practice to ensure processes and documentation are still relevant and efficient, which of the following represents a reason to conduct a BCDR review outside of the regular interval?
Although performing BCDR tests at regular intervals is a best practice to ensure processes and documentation are still relevant and efficient, which of the following represents a reason to conduct a BCDR review outside of the regular interval?
정답: A
문제10
Why are PaaS environments at a higher likelihood of suffering backdoor vulnerabilities?
Why are PaaS environments at a higher likelihood of suffering backdoor vulnerabilities?
정답: B
문제11
Dynamic application security testing (DAST) is usually considered a ________ form of testing.
Response:
White-box
Dynamic application security testing (DAST) is usually considered a ________ form of testing.
Response:
White-box
정답: C
문제12
Which of the following contract terms most incentivizes the cloud provider to meet the requirements listed in the SLA?
Which of the following contract terms most incentivizes the cloud provider to meet the requirements listed in the SLA?
정답: A
문제13
The European Union passed the first major regulation declaring data privacy to be a human right.
In what year did it go into effect?
The European Union passed the first major regulation declaring data privacy to be a human right.
In what year did it go into effect?
정답: C
설명: (KoreaDumps 회원만 볼 수 있음)
문제14
Which aspect of cloud computing will be most negatively impacted by vendor lock-in?
Which aspect of cloud computing will be most negatively impacted by vendor lock-in?
정답: A
설명: (KoreaDumps 회원만 볼 수 있음)
문제15
Which of the following is NOT part of a retention policy?
Which of the following is NOT part of a retention policy?
정답: A
설명: (KoreaDumps 회원만 볼 수 있음)