CCSP

Which of the following represents a control on the maximum amount of resources that a single customer, virtual machine, or application can consume within a cloud environment?A . ShareB . ReservationC . ProvisionD . LimitView AnswerAnswer: D Explanation: Limits are put in place to enforce a maximum on the amount...

What does the REST API support that SOAP does NOT support?A . CachingB . EncryptionC . AccelerationD . RedundancyView AnswerAnswer: A Explanation: The SOAP protocol does not support caching, whereas the REST API does.

Unlike SOC Type 1 reports, which are based on a specific point in time, SOC Type 2 reports are done over a period of time. What is the minimum span of time for a SOC Type 2 report?A . Six monthsB . One monthC . One yearD . One weekView...

If a cloud computing customer wishes to guarantee that a minimum level of resources will always be available, which of the following set of services would compromise the reservation?A . Memory and networkingB . CPU and softwareC . CPU and storageD . CPU and memoryView AnswerAnswer: D Explanation: A reservation...

Which of the following is NOT a function performed by the record protocol of TLS?A . EncryptionB . AccelerationC . AuthenticationD . CompressionView AnswerAnswer: B Explanation: The record protocol of TLS performs the authentication and encryption of data packets, and in some cases compression as well. It does not perform...

Which of the following is not a risk management framework?A . COBITB . Hex GBLC . ISO 31000:2009D . NIST SP 800-37View AnswerAnswer: B Explanation: Hex GBL is a reference to a computer part in Terry Pratchett’s fictional Discworld universe. The rest are not.

Which protocol allows a system to use block-level storage as if it was a SAN, but over TCP network traffic instead?A . SATAB . iSCSIC . TLSD . SCSIView AnswerAnswer: B Explanation: iSCSI is a protocol that allows for the transmission and use of SCSI commands and features over a...

Which type of audit report does many cloud providers use to instill confidence in their policies, practices, and procedures to current and potential customers?A . SAS-70B . SOC 2C . SOC 1D . SOXView AnswerAnswer: B Explanation: One approach that many cloud providers opt to take is to undergo a...

Which jurisdiction lacks specific and comprehensive privacy laws at a national or top level of legal authority?A . European UnionB . GermanyC . RussiaD . United StatesView AnswerAnswer: D Explanation: The United States lacks a single comprehensive law at the federal level addressing data security and privacy, but there are...

Which of the following threat types involves the sending of untrusted data to a user's browser to be executed with their own credentials and access?A . Missing function level access controlB . Cross-site scriptingC . Cross-site request forgeryD . InjectionView AnswerAnswer: B Explanation: Cross-site scripting (XSS) is an attack where...