CCSP

Configurations and policies for a system can come from a variety of sources and take a variety of formats. Which concept pertains to the application of a set of configurations and policies that is applied to all systems or a class of systems?A . HardeningB . LevelingC . BaselinesD ....

Which of the following does NOT relate to the hiding of sensitive data from data sets?A . ObfuscationB . FederationC . MaskingD . AnonymizationView AnswerAnswer: B Explanation: Federation pertains to authenticating systems between different organizations.

Which aspect of archiving must be tested regularly for the duration of retention requirements?A . AvailabilityB . RecoverabilityC . AuditabilityD . PortabilityView AnswerAnswer: B Explanation: In order for any archiving system to be deemed useful and compliant, regular tests must be performed to ensure the data can still be recovered...

Which of the cloud deployment models requires the cloud customer to be part of a specific group or organization in order to host cloud services within it?A . CommunityB . HybridC . PrivateD . PublicView AnswerAnswer: A Explanation: A community cloud model is where customers that share a certain common...

With software-defined networking, what aspect of networking is abstracted from the forwarding of traffic?A . RoutingB . SessionC . FilteringD . FirewallingView AnswerAnswer: C Explanation: With software-defined networking (SDN), the filtering of network traffic is separated from the forwarding of network traffic so that it can be independently administered.

Which security concept would business continuity and disaster recovery fall under?A . ConfidentialityB . AvailabilityC . Fault toleranceD . IntegrityView AnswerAnswer: B Explanation: Disaster recovery and business continuity are vital concerns with availability. If data is destroyed or compromised, having regular backup systems in place as well as being able...

Which of the following is NOT an application or utility to apply and enforce baselines on a system?A . ChefB . GitHubC . PuppetD . Active DirectoryView AnswerAnswer: B Explanation: GitHub is an application for code collaboration, including versioning and branching of code trees. It is not used for applying...

Where is an XML firewall most commonly deployed in the environment?A . Between the application and data layersB . Between the IPS and firewallC . Between the presentation and application layersD . Between the firewall and application serverView AnswerAnswer: D Explanation: XML firewalls are most commonly deployed in line between...

What concept does the "I" represent with the STRIDE threat model?A . IntegrityB . Information disclosureC . IT securityD . Insider threatView AnswerAnswer: B Explanation: Perhaps the biggest concern for any user is having their personal and sensitive information disclosed by an application. There are many aspects of an application...

What type of security threat is DNSSEC designed to prevent?A . Account hijackingB . SnoopingC . SpoofingD . InjectionView AnswerAnswer: C Explanation: DNSSEC is designed to prevent the spoofing and redirection of DNS resolutions to rogue sites.