CCSP

What concept does the "T" represent in the STRIDE threat model?A . TLSB . TestingC . Tampering with dataD . TransportView AnswerAnswer: C Explanation: Explanation Any application that sends data to the user will face the potential that the user could manipulate or alter the data, whether it resides in...

Which of the following service categories entails the least amount of support needed on the part of the cloud customer?A . SaaSB . IaaSC . DaaSD . PaaSView AnswerAnswer: A Explanation: With SaaS providing a fully functioning application that is managed and maintained by the cloud provider, cloud customers incur...

Which aspect of security is DNSSEC designed to ensure?A . IntegrityB . AuthenticationC . AvailabilityD . ConfidentialityView AnswerAnswer: A Explanation: DNSSEC is a security extension to the regular DNS protocol and services that allows for the validation of the integrity of DNS lookups. It does not address confidentiality or availability...

Which if the following is NOT one of the three components of a federated identity system transaction?A . Relying partyB . Identity providerC . UserD . Proxy relayView AnswerAnswer: D

What type of storage structure does object storage employ to maintain files?A . DirectoryB . HierarchicalC . treeD . FlatView AnswerAnswer: D Explanation: Object storage uses a flat file system to hold storage objects; it assigns files a key value that is then used to access them, rather than relying...

Within a federated identity system, which of the following would you be MOST likely to use for sending information for consumption by a relying party?A . XMLB . HTMLC . WS-FederationD . SAMLView AnswerAnswer: D Explanation: The Security Assertion Markup Language (SAML) is the most widely used method for encoding...

Which of the following statements accurately describes VLANs?A . They are not restricted to the same data center or the same racks.B . They are not restricted to the name rack but restricted to the same data center.C . They are restricted to the same racks and data centers.D ....

What is the concept of segregating information or processes, within the same system or application, for security reasons?A . fencingB . SandboxingC . CellblockingD . PoolingView AnswerAnswer: B Explanation: Sandboxing involves segregating and isolating information or processes from others within the same system or application, typically for security concerns. This...

Which of the cloud cross-cutting aspects relates to the assigning of jobs, tasks, and roles, as well as to ensuring they are successful and properly performed?A . Service-level agreementsB . GovernanceC . Regulatory requirementsD . AuditabilityView AnswerAnswer: B Explanation: Governance at its core is the idea of assigning jobs, takes,...

Many different common threats exist against web-exposed services and applications. One attack involves attempting to leverage input fields to execute queries in a nested fashion that is unintended by the developers. What type of attack is this?A . InjectionB . Missing function-level access controlC . Cross-site scriptingD . Cross-site request...