CCSP

What is the best approach for dealing with services or utilities that are installed on a system but not needed to perform their desired function?A . RemoveB . MonitorC . DisableD . StopView AnswerAnswer: A Explanation: The best practice is to totally remove any unneeded services and utilities on a...

Which of the following threat types involves an application developer leaving references to internal information and configurations in code that is exposed to the client?A . Sensitive data exposureB . Security misconfigurationC . Insecure direct object referencesD . Unvalidated redirect and forwardsView AnswerAnswer: C Explanation: An insecure direct object reference...

With a cloud service category where the cloud customer is responsible for deploying all services, systems, and components needed for their applications, which of the following storage types are MOST likely to be available to them?A . Structured and hierarchicalB . Volume and objectC . Volume and databaseD . Structured...

What is a standard configuration and policy set that is applied to systems and virtual machines called?A . StandardizationB . BaselineC . HardeningD . RedlineView AnswerAnswer: B Explanation: The most common and efficient manner of securing operating systems is through the use of baselines. A baseline is a standardized and...

With finite resources available within a cloud, even the largest cloud providers will at times need to determine which customers will receive additional resources first. What is the term associated with this determination?A . WeightingB . PrioritizationC . SharesD . ScoringView AnswerAnswer: C Explanation: Shares are used within a cloud...

What is the first stage of the cloud data lifecycle where security controls can be implemented?A . UseB . StoreC . ShareD . CreateView AnswerAnswer: B Explanation: The "store" phase of the cloud data lifecycle, which typically occurs simultaneously with the "create" phase, or immediately thereafter, is the first phase...

Which of the following pertains to fire safety standards within a data center, specifically with their enormous electrical consumption?A . NFPAB . BICSIC . IDCAD . Uptime InstituteView AnswerAnswer: A Explanation: The standards put out by the National Fire Protection Association (NFPA) cover general fire protection best practices for any...

At which stage of the BCDR plan creation phase should security be included in discussions?A . Define scopeB . AnalyzeC . Assess riskD . Gather requirementsView AnswerAnswer: A Explanation: Security should be included in discussions from the very first phase when defining the scope. Adding security later is likely to...

Which of the following service capabilities gives the cloud customer an established and maintained framework to deploy code and applications?A . SoftwareB . DesktopC . PlatformD . InfrastructureView AnswerAnswer: C Explanation: The platform service capability provides programming languages and libraries from the cloud provider, where the customer can deploy their...

The European Union is often considered the world leader in regard to the privacy of personal data and has declared privacy to be a "human right." In what year did the EU first assert this principle?A . 1995B . 2000C . 2010D . 1999View AnswerAnswer: A Explanation: The EU passed...