CCSP exam

Which aspect of SaaS will alleviate much of the time and energy organizations spend on compliance (specifically baselines)?A . MaintenanceB . LicensingC . StandardizationD . DevelopmentView AnswerAnswer: C Explanation: With the entire software platform being controlled by the cloud provider, the standardization of configurations and versioning is done automatically for...

What changes are necessary to application code in order to implement DNSSEC?A . Adding encryption modulesB . Implementing certificate validationsC . Additional DNS lookupsD . No changes are needed.View AnswerAnswer: D Explanation: To implement DNSSEC, no additional changes are needed to applications or their code because the integrity checks are...

Which of the following threat types involves the sending of invalid and manipulated requests through a user's client to execute commands on the application under their own credentials?A . InjectionB . Cross-site request forgeryC . Missing function-level access controlD . Cross-site scriptingView AnswerAnswer: B Explanation: A cross-site request forgery (CSRF)...

What strategy involves replacing sensitive data with opaque values, usually with a means of mapping it back to the original value?A . MaskingB . AnonymizationC . TokenizationD . ObfuscationView AnswerAnswer: C Explanation: Tokenization is the practice of utilizing a random and opaque "token" value in data to replace what otherwise...

Which of the following roles involves overseeing billing, purchasing, and requesting audit reports for an organization within a cloud environment?A . Cloud service userB . Cloud service business managerC . Cloud service administratorD . Cloud service integratorView AnswerAnswer: B Explanation: The cloud service business manager is responsible for overseeing business...

Which European Union directive pertains to personal data privacy and an individual's control over their personal data?A . 99/9/ECB . 95/46/ECC . 2000/1/ECD . 2013/27001/ECView AnswerAnswer: B Explanation: Directive 95/46/EC is titled "On the protection of individuals with regard to the processing of personal data and on the free movement...

Which of the following is the sole responsibility of the cloud customer, regardless of which cloud model is used?A . InfrastructureB . PlatformC . ApplicationD . DataView AnswerAnswer: D Explanation: Regardless of which cloud-hosting model is used, the cloud customer always has sole responsibility for the data and its security.

What strategy involves hiding data in a data set to prevent someone from identifying specific individuals based on other data fields present?A . AnonymizationB . TokenizationC . MaskingD . ObfuscationView AnswerAnswer: A Explanation: With data anonymization, data is manipulated in such a way so as to prevent the identification of...

What type of segregation and separation of resources is needed within a cloud environment for multitenancy purposes versus a traditional data center model?A . VirtualB . SecurityC . PhysicalD . LogicalView AnswerAnswer: D Explanation: Cloud environments lack the ability to physically separate resources like a traditional data center can. To...

Which aspect of cloud computing pertains to cloud customers only paying for the resources and services they actually use?A . Metered serviceB . Measured billingC . Metered billingD . Measured serviceView AnswerAnswer: D Explanation: Measured service is the aspect of cloud computing that pertains to cloud services and resources being...