Ben Malisow - (ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests

4 Which of the following sanitization methods is feasible for use in the cloud?Crypto-shreddingDegaussingPhysical destructionOverwriting

5 Which of the following is not a method for enhancing data portability?Crypto-shreddingUsing standard data formatsAvoiding proprietary servicesFavorable contract terms

6 When implementing a digital rights management (DRM) solution in a cloud environment, which of the following does not pose an additional challenge for the cloud customer?Users might be required to install a DRM agent on their local devices.DRM solutions might have difficulty interfacing with multiple different operating systems and services.DRM solutions might have difficulty interacting with virtualized instances.Ownership of intellectual property might be difficult to ascertain.

7 When implementing cryptography in a cloud environment, where is the worst place to store the keys?With the cloud providerOff the cloud, with the data ownerWith a third-party provider, in key escrowAnywhere but with the cloud provider

8 Which of the following is not a security concern related to archiving data for long-term storage?Long-term storage of the related cryptographic keysFormat of the dataMedia the data resides onUnderground depth of the storage facility

9 Data dispersion is a cloud data security technique that is most similar to which legacy implementation?Business continuity and disaster recovery (BC/DR)Redundant Array of Inexpensive Disks (RAID)Software-defined networking (SDN)Content delivery network (CDN)

10 Data dispersion uses _______________, where the traditional implementation is called “striping.”ChunkingVaultingLumpingGrouping

11 Data dispersion uses _______________, where the traditional implementation is called “parity bits.”SmurfingSnarfingErasure codingReal-time bitlinking

12 Data dispersion provides protection for all the following security aspects except _______________.Protecting confidentiality against external attack on the storage areaLoss of availability due to single-storage-device failureLoss due to seizure by law enforcement in a multitenant environmentProtecting against loss due to user error

13 Your organization is migrating the production environment to an infrastructure as a service (IaaS) cloud implementation. Your users will need to be able to get access to their data, install programs, and partition memory space for their own purposes. You should configure the cloud memory as _______________.ObjectVolumeSyntheticDatabase

14 Your organization is migrating the production environment to an infrastructure as a service (IaaS) cloud implementation. Your users will need to be able to get access to their data and share data with other users in a defined way, according to a hierarchy. You should configure the cloud memory as _______________.Object storageVolume storageSynthetic storageDatabases

15 What is one of the benefits of implementing an egress monitoring solution?Preventing distributed denial of service (DDoS) attacksInventorying data assetsInterviewing data ownersProtecting against natural disasters

16 Egress monitoring solutions usually include a function that _______________.Arbitrates contract breachesPerforms personnel evaluation reviewsDiscovers data assets according to classification/categorizationApplies another level of access control

17 Egress monitoring solutions usually include a function that _______________.Uses biometrics to scan usersInspects incoming packetsResides on client machinesUses stateful inspection

18 Digital rights management (DRM) solutions (sometimes referred to as information rights management, or IRM) can be used to protect all sorts of sensitive data but are usually particularly designed to secure ____________.Personally identifiable information (PII)Intellectual propertyPlans and policiesMarketing material

19 Digital rights management (DRM) solutions (sometimes referred to as information rights management, or IRM) often protect unauthorized distribution of what type of intellectual property?PatentsTrademarksPersonally identifiable information (PII)Copyright

20 Which of the following characteristics is associated with digital rights management (DRM) solutions (sometimes referred to as information rights management, or IRM)?PersistenceInfluenceResistanceTrepidation

21 Which of the following characteristics is associated with digital rights management (DRM) solutions (sometimes referred to as information rights management, or IRM)?Automatic expirationMultilevel aggregationEnhanced detailBroad spectrum

22 Which of the following characteristics is associated with digital rights management (DRM) solutions (sometimes referred to as information rights management, or IRM)?Transparent encryption modificationBilateral enhancementContinuous audit trailEncompassing flow

23 Which of the following characteristics is associated with digital rights management (DRM) solutions (sometimes referred to as information rights management, or IRM)?Mapping to existing access control lists (ACLs)Delineating biometric catalogsPreventing multifactor authenticationProhibiting unauthorized transposition

24 According to the (ISC)2 Cloud Secure Data Lifecycle, which phase comes soon after (or at the same time as) the Create phase?StoreUseDeployArchive

25 According to the (ISC)2 Cloud Secure Data Lifecycle, which phase comes immediately before the Share phase?CreateDestroyUseEncrypt

26 Why is the term (ISC)2 Cloud Secure Data Lifecycle actually somewhat inaccurate?The term is not used only by (ISC)2.Not all phases are secure.Not all phases take place in the cloud.It’s not actually a cycle.

27 According to the (ISC)2 Cloud Secure Data Lifecycle, in which phase should the process of categorization/classification of data occur?CreateStoreDefineUse

28 Which of the following should occur during the final phase of the Cloud Secure Data Lifecycle?Data dispersionCrypto-shreddingCryptoparsingCryptosporidium

29 At what phase of the Cloud Secure Data Lifecycle does data enter long-term storage?The firstThe secondThe fourthThe fifth

30 What is a form of cloud storage where data is stored as objects, arranged in a hierarchal structure, like a file tree?Volume storageDatabasesContent delivery network (CDN)Object storage

31 What is a form of cloud storage where data is stored in a logical storage area assigned to the user but not necessarily physically attached or even geographically proximate to the compute node the user is utilizing?Volume storageDatabasesContent delivery network (CDN)Object storage

32 What is a form of cloud storage often used for streaming multimedia data to users?Volume storageDatabasesContent delivery network (CDN)Neutral storage

33 What type of data storage is often used in platform as a service (PaaS) arrangements?EphemeralDatabaseLong-termNefarious

34 What is a form of cloud data protection where data is spread across multiple storage devices/locations, similar to RAID in the legacy environment?InfringingData dispersionVoidingCrypto-shredding

35 Erasure coding, in the cloud, is similar to what element of RAID implementations in a traditional IT environment?DeltasInversionParity bitsTransposition

36 DLP (data loss prevention or data leak protection) solutions are implemented in the hopes of securing _______________.Sensitive data that may leave the organization’s controlAll data within the organization’s controlData being processed by the organization’s usersData that could be intercepted while out of the organization’s control

37 Which of the following will DLP (data loss prevention or data leak protection) solutions most likely not inspect?Email contentFTP trafficMaterial saved to portable mediaVoice over Internet Protocol (VoIP) conversations

38 DLP (data loss prevention or data leak protection) solutions may use all of the following techniques to identify sensitive data except _______________.Pattern matchingInferenceKeyword identificationMetadata tags