[2021] Valid CCSP test answers & ISC CCSP exam pdf [Q422-Q446]


NEW QUESTION 422
Which of the following is NOT a focus or consideration of an internal audit?

  • A. Design
  • B. Certification
  • C. Operational efficiency
  • D. Costs

Answer: B

Explanation:
In order to obtain and comply with certifications, independent external audits must be performed and satisfied. Although some testing of certification controls can be part of an internal audit, an internal audit will not satisfy the certification requirements on its own.


NEW QUESTION 423
Data center and operations design traditionally takes a tiered, topological approach.
Which of the following standards is focused on that approach and is prevalently used throughout the industry?

  • A. BICSI
  • B. IDCA
  • C. NFPA
  • D. Uptime Institute

Answer: D

Explanation:
The Uptime Institute publishes the most widely known and used standard for data center topologies and tiers.
The National Fire Protection Association (NFPA) publishes a broad range of fire safety and design standards for many different types of facilities. Building Industry Consulting Service International (BICSI) issues certifications for data center cabling. The International Data Center Authority (IDCA) offers the Infinity Paradigm, which takes a macro-level approach to data center design.


NEW QUESTION 424
A comprehensive BCDR plan will encapsulate many or most of the traditional concerns of operating a system in any data center.
However, what is one consideration that is often overlooked with the formulation of a BCDR plan?

  • A. Restoration of services
  • B. Change management processes
  • C. Capacity at the BCDR site
  • D. Availability of staff

Answer: A

Explanation:
BCDR planning tends to focus so much on the failing over of services in the case of a disaster that recovery back to primary hosting after the disaster is often overlooked. In many instances, this can be just as complex a process as failing over, if not more so. Availability of staff, capacity at the BCDR site, and change management processes are typically integral to BCDR plans and are common components of them.


NEW QUESTION 425
Which SSAE 16 report is purposefully designed for public release (for instance, to be posted on a company's website)?

  • A. SOC 1
  • B. SOC 3
  • C. SOC 2, Type 1
  • D. SOC 2, Type 2

Answer: B


NEW QUESTION 426
Which United States law is focused on data related to health records and privacy?

  • A. Safe Harbor
  • B. HIPAA
  • C. GLBA
  • D. SOX

Answer: B

Explanation:
The Health Insurance Portability and Accountability Act (HIPAA) requires the U.S. Federal Department of Health and Human Services to publish and enforce regulations pertaining to electronic health records and identifiers between patients, providers, and insurance companies. It is focused on the security controls and confidentiality of medical records, rather than the specific technologies used, so long as they meet the requirements of the regulations.


NEW QUESTION 427
Proper ________ need to be assigned to each data classification/category.

  • A. Policies
  • B. Metadata
  • C. Dollar values
  • D. Security controls

Answer: D


NEW QUESTION 428
In order to ensure ongoing compliance with regulatory requirements, which phase of the cloud data lifecycle must be tested regularly?

  • A. Store
  • B. Share
  • C. Archive
  • D. Destroy

Answer: C

Explanation:
In order to ensure compliance with regulations, it is important for an organization to regularly test the restorability of archived data. As technologies change and older systems are deprecated, the risk rises that an organization will lose the ability to restore data from the format in which it is stored. With the destroy, store, and share phases, the currently used technologies will be sufficient for an organization's needs on an ongoing basis, so the elevated risk that applies to archived data is not present.


NEW QUESTION 429
Which protocol, as a part of TLS, handles negotiating and establishing a connection between two parties?

  • A. Binding
  • B. Record
  • C. Handshake
  • D. Negotiation

Answer: C

Explanation:
The TLS handshake protocol is what negotiates and establishes the TLS connection between two parties and enables a secure communications channel to then handle data transmissions. The TLS record protocol is the actual secure communications method for transmitting data; it's responsible for the encryption and authentication of packets throughout their transmission between the parties, and in some cases it also performs compression. Negotiation and binding are not protocols under TLS.


NEW QUESTION 430
What strategy involves hiding data in a data set to prevent someone from identifying specific individuals based on other data fields present?

  • A. Obfuscation
  • B. Tokenization
  • C. Anonymization
  • D. Masking

Answer: C

Explanation:
With data anonymization, data is manipulated in such a way as to prevent the identification of an individual through the various data objects present, and it is often used in conjunction with other concepts such as masking.


NEW QUESTION 431
When an API is being leveraged, it will encapsulate its data for transmission back to the requesting party or service.
What is the data encapsulation used with the SOAP protocol referred to as?

  • A. Payload
  • B. Packet
  • C. Envelope
  • D. Object

Answer: C

Explanation:
Simple Object Access Protocol (SOAP) encapsulates its information in what is known as a SOAP envelope. It then leverages common communications protocols for transmission. Object is a type of cloud storage, but also a commonly used term with certain types of programming languages. Packet and payload are terms that sound similar to envelope but are not correct in this case.


NEW QUESTION 432
You are the security policy lead for your organization, which is considering migrating from your on-premises, legacy environment into the cloud. You are reviewing the Cloud Security Alliance Cloud Controls Matrix (CSA CCM) as a tool for your organization. Which of the following benefits will the CSA CCM offer your organization?

  • A. Collecting multiple data streams from your log files
  • B. Ensuring that the baseline configuration is applied to all systems
  • C. Simplifying regulatory compliance
  • D. Enforcing contract terms between your organization and the cloud provider

Answer: C


NEW QUESTION 433
Which concept BEST describes the capability for a cloud environment to automatically scale a system or application, based on its current resource demands?

  • A. On-demand self-service
  • B. Rapid elasticity
  • C. Measured service
  • D. Resource pooling

Answer: B

Explanation:
Rapid elasticity allows a cloud environment to automatically add or remove resources to or from a system or application based on its current demands. Whereas a traditional data center model would require standby hardware and substantial effort to add resources in response to load increases, a cloud environment can easily and rapidly expand to meet resource demands, so long as the application is properly implemented for it.


NEW QUESTION 434
Gathering business requirements can aid the organization in determining all of this information about organizational assets, except:

  • A. Criticality
  • B. Value
  • C. Usefulness
  • D. Full inventory

Answer: C

Explanation:
When we gather information about business requirements, we need to do a complete inventory, receive accurate valuation of assets (usually from the owners of those assets), and assess criticality; this collection of information does not tell us, objectively, how useful an asset is, however.


NEW QUESTION 435
Which of the following standards primarily pertains to cabling designs and setups in a data center?

  • A. BICSI
  • B. IDCA
  • C. Uptime Institute
  • D. NFPA

Answer: A

Explanation:
The standards put out by Building Industry Consulting Service International (BICSI) primarily cover complex cabling designs and setups for data centers, but also include specifications on power, energy efficiency, and hot/cold aisle setups.


NEW QUESTION 436
What is used for local, physical access to hardware within a data center?

  • A. VPN
  • B. RDP
  • C. KVM
  • D. SSH

Answer: C

Explanation:
Local, physical access in a data center is done via KVM (keyboard, video, mouse) switches.


NEW QUESTION 437
Three central concepts define what type of data and information an organization is responsible for pertaining to eDiscovery.
Which of the following are the three components that comprise required disclosure?

  • A. Possession, ownership, control
  • B. Possession, custody, control
  • C. Control, custody, use
  • D. Ownership, use, creation

Answer: B

Explanation:
Data that falls under the purview of an eDiscovery request is that which is in the possession, custody, or control of the organization. Although this is an easy concept in a traditional data center, it can be difficult to distinguish who actually possesses and controls the data in a cloud environment due to multitenancy and resource pooling. Although the other options use similar-sounding terms, they are ultimately incorrect.


NEW QUESTION 438
The BIA can be used to provide information about all the following, except:

  • A. BC/DR planning
  • B. Secure acquisition
  • C. Risk analysis
  • D. Selection of security controls

Answer: B

Explanation:
The business impact analysis gathers asset valuation information that is beneficial for risk analysis and selection of security controls (it helps avoid putting the ten-dollar lock on the five-dollar bicycle), and criticality information that helps in BC/DR planning by letting the organization understand which systems, data, and personnel are necessary to continuously maintain. However, it does not aid secure acquisition efforts, since the assets examined by the BIA have already been acquired.


NEW QUESTION 439
Which approach is typically the most efficient method to use for data discovery?

  • A. Labels
  • B. ACLs
  • C. Content analysis
  • D. Metadata

Answer: D

Explanation:
Metadata is data about data. It contains information about the type of data, how it is stored and organized, or information about its creation and use. Because metadata can be examined without scanning the contents of the data itself, it is typically the most efficient basis for data discovery.


NEW QUESTION 440
Which of the following best describes a cloud carrier?

  • A. The intermediary who provides connectivity and transport of cloud providers and cloud consumers
  • B. A person or entity responsible for making a cloud service available to consumers
  • C. The person or entity responsible for keeping cloud services running for customers
  • D. The person or entity responsible for transporting data across the Internet

Answer: A

Explanation:
A cloud carrier is the intermediary who provides connectivity and transport of cloud services between cloud providers and cloud customers.


NEW QUESTION 441
Different certifications and standards take different approaches to data center design and operations. Although many traditional approaches use a tiered methodology, which of the following utilizes a macro-level approach to data center design?

  • A. BICSI
  • B. Uptime Institute
  • C. NFPA
  • D. IDCA

Answer: D

Explanation:
The Infinity Paradigm of the International Data Center Authority (IDCA) takes a macro-level approach to data center design. The IDCA does not focus on specific individual components to achieve tier status. Building Industry Consulting Service International (BICSI) issues certifications for data center cabling.
The National Fire Protection Association (NFPA) publishes a broad range of fire safety and design standards for many different types of facilities. The Uptime Institute publishes the most widely known and used standard for data center topologies and tiers.


NEW QUESTION 442
Which of the cloud cross-cutting aspects relates to the requirements placed on a system or application by law, policy, or requirements from standards?

  • A. Auditability
  • B. Regulatory requirements
  • C. Governance
  • D. Service-level agreements

Answer: B

Explanation:
Regulatory requirements are those imposed upon businesses and their operations either by law, regulation, policy, or standards and guidelines. These requirements are specific either to the locality in which the company or application is based or to the specific nature of the data and transactions conducted.


NEW QUESTION 443
All the following are data analytics modes, except:

  • A. Agile business intelligence
  • B. Real-time analytics
  • C. Data mining
  • D. Refractory iterations

Answer: D

Explanation:
All the others are data analytics methods, but "refractory iterations" is a nonsense term included as a red herring.


NEW QUESTION 444
Which of the following is not a risk management framework?

  • A. NIST SP 800-37
  • B. ISO 31000:2009
  • C. Hex GBL
  • D. COBIT

Answer: C

Explanation:
Hex GBL is a reference to a computer part in Terry Pratchett's fictional Discworld universe. The rest are genuine risk management frameworks.


NEW QUESTION 445
Why does a Type 2 hypervisor typically offer less security control than a Type 1 hypervisor?

  • A. A Type 2 hypervisor is open source, so attackers can more easily find exploitable vulnerabilities with that access.
  • B. A Type 2 hypervisor allows users to directly perform some functions with their own access.
  • C. A Type 2 hypervisor runs on top of another operating system and is dependent on the security of the OS for its own security.
  • D. A Type 2 hypervisor is always exposed to the public Internet for federated identity access.

Answer: C

Explanation:
A Type 2 hypervisor differs from a Type 1 hypervisor in that it runs on top of another operating system rather than being directly tied to the underlying hardware of the virtual host servers. With this type of implementation, additional security and architecture concerns come into play because the interaction between the operating system and the hypervisor becomes a critical link. The hypervisor no longer has direct interaction with and control over the underlying hardware, which means that some performance will be lost because the operating system in the middle needs its own resources, patching, and operational oversight.


NEW QUESTION 446
......
