"Certified Cloud Security Professional", also known as the CCSP exam, is an ISC2 certification.

CCSP practice questions:

NEW QUESTION 1
You are the data manager for a retail company; you anticipate a much higher volume of sales activity in the final quarter of each calendar year than the other quarters.
In order to handle these increased transactions, and to accommodate the temporary sales personnel you will hire for only that time period, you consider augmenting your internal, on-premises production environment with a cloud capability for a specific duration, and will return to operating fully on-premises after the period of increased activity.
This is an example of ______.
Response:

  • A. Cloud framing
  • B. Cloud enhancement
  • C. Cloud fragility
  • D. Cloud bursting

Answer: D

NEW QUESTION 2
Your application has been a continued target for SQL injection attempts. Which of the following technologies would be best used to reduce the likelihood of a successful SQL injection exploit?
Response:

  • A. XML accelerator
  • B. WAF
  • C. Sandbox
  • D. Firewall

Answer: B

NEW QUESTION 3
Which security certification serves as a general framework that can be applied to any type of system or application?
Response:

  • A. ISO/IEC 27001
  • B. PCI DSS
  • C. FIPS 140-2
  • D. NIST SP 800-53

Answer: A

NEW QUESTION 4
Which of the following are considered to be the building blocks of cloud computing?
Response:

  • A. Data, access control, virtualization, and services
  • B. Storage, networking, printing and virtualization
  • C. CPU, RAM, storage and networking
  • D. Data, CPU, RAM, and access control

Answer: C

NEW QUESTION 5
Which key storage solution would be the BEST choice in a situation where availability might be of a particular concern?
Response:

  • A. Internal
  • B. External
  • C. Hosted
  • D. Embedded

Answer: A

NEW QUESTION 6
Federation allows ______ across organizations.
Response:

  • A. Role replication
  • B. Encryption
  • C. Policy
  • D. Access

Answer: D

NEW QUESTION 7
DAST checks software functionality in ______.
Response:

  • A. The production environment
  • B. A runtime state
  • C. The cloud
  • D. An IaaS configuration

Answer: B

NEW QUESTION 8
A process for ______ can aid in protecting against data disclosure due to lost devices.
Response:

  • A. User punishment
  • B. Credential revocation
  • C. Law enforcement notification
  • D. Device tracking

Answer: B

NEW QUESTION 9
The Open Web Application Security Project (OWASP) Top Ten is a list of web application security threats that is composed by a member-driven OWASP committee of application development experts and published approximately every 24 months. The 2013 OWASP Top Ten list includes “sensitive data exposure.”
Which of these is a technique to reduce the potential for a sensitive data exposure?
Response:

  • A. Extensive user training on proper data handling techniques
  • B. Advanced firewalls inspecting all inbound traffic, to include content-based screening
  • C. Ensuring the use of utility backup power supplies
  • D. Roving security guards

Answer: A

NEW QUESTION 10
The nature of cloud computing and how it operates make complying with data discovery and disclosure orders more difficult. Which of the following concepts provides the biggest challenge in regard to data collection, pursuant to a legal order?
Response:

  • A. Portability
  • B. Multitenancy
  • C. Reversibility
  • D. Auto-scaling

Answer: B

NEW QUESTION 11
What is the term used to describe loss of access to data because the cloud provider has ceased operation?
Response:

  • A. Closing
  • B. Vendor lock-out
  • C. Vendor lock-in
  • D. Masking

Answer: B

NEW QUESTION 12
The physical layout of a cloud data center campus should include redundancies of all the following except ______.
Response:

  • A. Generators
  • B. HVAC units
  • C. Generator fuel storage
  • D. Points of personnel ingress

Answer: D

NEW QUESTION 13
A bare-metal hypervisor is Type ______.
Response:

  • A. 1
  • B. 2
  • C. 3
  • D. 4

Answer: A

NEW QUESTION 14
You are the security manager for a company that is considering cloud migration to an IaaS environment. You are assisting your company’s IT architects in constructing the environment. Which of the following options do you recommend?
Response:

  • A. Unrestricted public access
  • B. Use of a Type I hypervisor
  • C. Use of a Type II hypervisor
  • D. Enhanced productivity without encryption

Answer: B

NEW QUESTION 15
What is the primary security mechanism used to protect SOAP and REST APIs?
Response:

  • A. Firewalls
  • B. XML firewalls
  • C. Encryption
  • D. WAFs

Answer: C

NEW QUESTION 16
Who should be the only entity allowed to declare that an organization can return to normal following contingency or BCDR operations?
Response:

  • A. Regulators
  • B. Law enforcement
  • C. The incident manager
  • D. Senior management

Answer: D

NEW QUESTION 17
Which of the following is perhaps the best method for reducing the risk of a specific application not delivering the proper level of functionality and performance when it is moved from the legacy environment into the cloud?
Response:

  • A. Remove the application from the organization’s production environment, and replace it with something else.
  • B. Negotiate and conduct a trial run in the cloud environment for that application before permanently migrating.
  • C. Make sure the application is fully updated and patched according to all vendor specifications.
  • D. Run the application in an emulator.

Answer: B

NEW QUESTION 18
DLP solutions can aid all of the following security-related efforts except ______.
Response:

  • A. Access control
  • B. Egress monitoring
  • C. e-discovery/forensics
  • D. Data categorization/classification

Answer: A

NEW QUESTION 19
Which of the following would NOT be included as input into the requirements gathering for an application or system?
Response:

  • A. Users
  • B. Management
  • C. Regulators
  • D. Auditors

Answer: D
