Latest CCSP Pass Guaranteed Exam Dumps with Accurate & Updated Questions [Q370-Q394]


CCSP Exam Brain Dumps - Study Notes and Theory

NEW QUESTION 370
What process is used within a clustered system to provide high availability and load balancing?

  • A. Dynamic balancing
  • B. Dynamic resource scheduling
  • C. Dynamic clustering
  • D. Dynamic optimization

Answer: B

Explanation:
Dynamic resource scheduling (DRS) is used within all clustering systems as the method for clusters to provide high availability, scaling, management, and workload distribution and balancing of jobs and processes. From a physical infrastructure perspective, DRS is used to balance compute loads between physical hosts in a cloud to maintain the desired thresholds and limits on the physical hosts.

 

NEW QUESTION 371
Which phase of the cloud data lifecycle also typically entails the process of data classification?

  • A. Use
  • B. Create
  • C. Store
  • D. Archive

Answer: B

 

NEW QUESTION 372
With the rapid emergence of cloud computing, very few regulations were in place that pertained to it specifically, and organizations often had to resort to using a collection of regulations that were not specific to cloud in order to drive audits and policies.
Which standard from the ISO/IEC was designed specifically for cloud computing?

  • A. ISO/IEC 27018
  • B. ISO/IEC 27001
  • C. ISO/IEC 19889
  • D. ISO/IEC 27001:2015

Answer: A

Explanation:
ISO/IEC 27018 was implemented to address the protection of personal and sensitive information within a cloud environment. ISO/IEC 27001 and its later 27001:2015 revision are both general-purpose data security standards. ISO/IEC 19889 is an erroneous answer.

 

NEW QUESTION 373
Which of the following is NOT one of the components of multifactor authentication?

  • A. Something the user is
  • B. Something the user knows
  • C. Something the user sends
  • D. Something the user has

Answer: C

Explanation:
Multifactor authentication systems are composed of something the user knows, has, and/or is (such as biometrics or features), not something the user sends.

 

NEW QUESTION 374
FM-200 has all the following properties except ___________.

  • A. It does not leave a film or coagulant after use
  • B. It's nontoxic at levels used for fire suppression
  • C. It's gaseous at room temperature
  • D. It may deplete the Earth's ozone layer

Answer: D

 

NEW QUESTION 375
BCDR strategies typically do not involve the entire operations of an organization, but only those deemed critical to their business.
Which concept pertains to the amount of data and services needed to reach the predetermined level of operations?

  • A. RPO
  • B. RSL
  • C. SRE
  • D. RTO

Answer: A

Explanation:
The recovery point objective (RPO) sets and defines the amount of data an organization must have available or accessible to reach the predetermined level of operations necessary during a BCDR situation.
The recovery time objective (RTO) measures the amount of time necessary to recover operations to meet the BCDR plan. The recovery service level (RSL) measures the percentage of operations that would be recovered during a BCDR situation. SRE is provided as an erroneous response.

 

NEW QUESTION 376
Three central concepts define what type of data and information an organization is responsible for pertaining to eDiscovery.
Which of the following are the three components that comprise required disclosure?

  • A. Possession, custody, control
  • B. Control, custody, use
  • C. Ownership, use, creation
  • D. Possession, ownership, control

Answer: A

Explanation:
Data that falls under the purview of an eDiscovery request is that which is in the possession, custody, or control of the organization. Although this is an easy concept in a traditional data center, it can be difficult to distinguish who actually possesses and controls the data in a cloud environment due to multitenancy and resource pooling. Although these options provide similar-sounding terms, they are ultimately incorrect.

 

NEW QUESTION 377
Which of the following is not a component of contractual PII?

  • A. Location of data
  • B. Use of subcontractors
  • C. Value of data
  • D. Scope of processing

Answer: A

Explanation:
The value of data itself has nothing to do with it being considered a part of contractual

 

NEW QUESTION 378
Who is the entity identified by personal data?

  • A. The data subject
  • B. The data custodian
  • C. The data owner
  • D. The data processor

Answer: A

 

NEW QUESTION 379
Within an Infrastructure as a Service model, which of the following would NOT be a measured service?

  • A. Number of users
  • B. Memory
  • C. CPU
  • D. Storage

Answer: A

Explanation:
Within IaaS, the number of users on a system is not relevant to the particular hosting model in regard to cloud resources. IaaS is focused on infrastructure needs of a system or application.
Therefore, a factor such as the number of users that could affect licensing requirements, for example, would apply to the SaaS model, or in some instances to PaaS.

 

NEW QUESTION 380
What could be the result of failure of the cloud provider to secure the hypervisor in such a way that one user on a virtual machine can see the resource calls of another user's virtual machine?

  • A. Unauthorized data disclosure
  • B. Physical intrusion
  • C. Social engineering
  • D. Inference attacks

Answer: D

 

NEW QUESTION 381
In a cloud environment, encryption should be used for all the following, except:

  • A. Near-term storage of virtualized images
  • B. Profile formatting
  • C. Secure sessions/VPN
  • D. Long-term storage of data

Answer: B

Explanation:
All of these activities should incorporate encryption, except for profile formatting, which is a made-up term.

 

NEW QUESTION 382
Which publication from the United States National Institute of Standards and Technology pertains to defining cloud concepts and definitions for the various core components of cloud computing?

  • A. SP 800-145
  • B. SP 800-40
  • C. SP 800-53
  • D. SP 800-153

Answer: A

Explanation:
NIST Special Publication 800-145 is titled "The NIST Definition of Cloud Computing" and contains definitions and explanations of core cloud concepts and components.

 

NEW QUESTION 383
Which of the following best describes SAML?

  • A. A standard for exchanging usernames and passwords across devices
  • B. A standard for exchanging authentication and authorization data between security domains
  • C. A standard used for directory synchronization
  • D. A standard for developing secure application management logistics

Answer: B

 

NEW QUESTION 384
Which aspect of security is DNSSEC designed to ensure?

  • A. Integrity
  • B. Authentication
  • C. Confidentiality
  • D. Availability

Answer: A

Explanation:
DNSSEC is a security extension to the regular DNS protocol and services that allows for the validation of the integrity of DNS lookups. It does not address confidentiality or availability at all. It allows for a DNS client to perform DNS lookups and validate both their origin and authority via the cryptographic signature that accompanies the DNS response.

 

NEW QUESTION 385
With finite resources available within a cloud, even the largest cloud providers will at times need to determine which customers will receive additional resources first.
What is the term associated with this determination?

  • A. Weighting
  • B. Scoring
  • C. Shares
  • D. Prioritization

Answer: C

Explanation:
Shares are used within a cloud environment to prioritize resource allocation when customer requests exceed the available resources. Cloud providers utilize shares by assigning a priority score to each customer and allocating resources to those with the highest scores first. Scoring is a component of shares that determines the actual order in which to allocate resources. Neither weighting nor prioritization is the correct term in this case.

 

NEW QUESTION 386
All of the following are usually nonfunctional requirements except ____________.

  • A. Security
  • B. Sound
  • C. Color
  • D. Function

Answer: D

 

NEW QUESTION 387
What type of masking strategy involves making a separate and distinct copy of data with masking in place?

  • A. Static
  • B. Dynamic
  • C. Replication
  • D. Duplication

Answer: A

Explanation:
With static masking, a separate and distinct copy of the data set is created with masking in place.
This is typically done through a script or other process that takes a standard data set, processes it to mask the appropriate and predefined fields, and then outputs the data set as a new one with the completed masking done.

 

NEW QUESTION 388
In the cloud motif, the data owner is usually:

  • A. The cloud provider
  • B. The cloud access security broker
  • C. In another jurisdiction
  • D. The cloud customer

Answer: D

Explanation:
The data owner is usually considered the cloud customer in a cloud configuration; the data in question is the customer's information, being processed in the cloud. The cloud provider is only leasing services and hardware to the customer. The cloud access security broker (CASB) only handles access control on behalf of the cloud customer, and is not in direct contact with the production data.

 

NEW QUESTION 389
In a cloud environment, encryption should be used for all the following, except:

  • A. Near-term storage of virtualized images
  • B. Profile formatting
  • C. Secure sessions/VPN
  • D. Long-term storage of data

Answer: B

Explanation:
All of these activities should incorporate encryption, except for profile formatting, which is a made-up term.

 

NEW QUESTION 390
Which of the following is not a risk management framework?

  • A. COBIT
  • B. Hex GBL
  • C. ISO 31000:2009
  • D. NIST SP 800-37

Answer: B

Explanation:
Hex GBL is a reference to a computer part in Terry Pratchett's fictional Discworld universe. The rest are not.

 

NEW QUESTION 391
What masking strategy involves the replacing of sensitive data at the time it is accessed and used as it flows between the data and application layers of a service?

  • A. Static
  • B. Dynamic
  • C. Active
  • D. Transactional

Answer: B

Explanation:
Dynamic masking involves the live replacing of sensitive data fields during transactional use between the data and application layers of a service. Static masking involves creating a full data set with the sensitive data fields masked, but is not done during live transactions like dynamic masking. Active and transactional are offered as similar types of answers but are not types of masking.

 

NEW QUESTION 392
Which of the following is NOT a function performed by the handshake protocol of TLS?

  • A. Key exchange
  • B. Establish session ID
  • C. Encryption
  • D. Negotiation of connection

Answer: C

Explanation:
The handshake protocol negotiates and establishes the connection as well as handles the key exchange and establishes the session ID. It does not perform the actual encryption of data packets.

 

NEW QUESTION 393
What is the major difference between authentication/authorization?

  • A. Inverse incantation/obverse instantiation
  • B. Code verification/code implementation
  • C. User access/privileged access
  • D. Identity validation/access permission

Answer: D

 

NEW QUESTION 394
......
