CCSP Free Practice Test

- (Exam Topic 3)
In order to ensure ongoing compliance with regulatory requirements, which phase of the cloud data lifecycle must be tested regularly?

1. A. Archive
2. B. Share
3. C. Store
4. D. Destroy

Correct Answer: A
In order to ensure compliance with regulations, it is important for an organization to regularly test the restorability of archived data. As technologies change and older systems are deprecated, the risk rises for an organization to lose the ability to restore data from the format in which it is stored. With the destroy, store, and share phases, the currently used technologies will be sufficient for an organization's needs in an ongoing basis, so the risk that is elevated with archived data is not present.

- (Exam Topic 2)
Which aspect of security is DNSSEC designed to ensure?

1. A. Integrity
2. B. Authentication
3. C. Availability
4. D. Confidentiality

Correct Answer: A
DNSSEC is a security extension to the regular DNS protocol and services that allows for the validation of the integrity of DNS lookups. It does not address confidentiality or availability at all. It allows for a DNS client to perform DNS lookups and validate both their origin and authority via the cryptographic signature that accompanies the DNS response.

- (Exam Topic 4)
Hardening the operating system refers to all of the following except:

1. A. Limiting administrator access
2. B. Closing unused ports
3. C. Removing antimalware agents
4. D. Removing unnecessary services and libraries

Correct Answer: C
Removing antimalware agents. Hardening the operating system means making it more secure. Limiting administrator access, closing unused ports, and removing unnecessary services and libraries all have the potential to make an OS more secure. But removing antimalware agents would actually make the system less secure. If anything, antimalware agents should be added, not removed.

- (Exam Topic 4)
The WS-Security standards are built around all of the following standards except which one?

1. A. SAML
2. B. WDSL
3. C. XML
4. D. SOAP

Correct Answer: A
The WS-Security specifications, as well as the WS-Federation system, are built upon XML, WDSL, and SOAP. SAML is a very similar protocol that is used as an alternative to WS.XML, WDSL, and SOAP are all integral to the WS-Security specifications.

- (Exam Topic 2)
Where is an XML firewall most commonly deployed in the environment?

1. A. Between the application and data layers
2. B. Between the IPS and firewall
3. C. Between the presentation and application layers
4. D. Between the firewall and application server

Correct Answer: D
XML firewalls are most commonly deployed in line between the firewall and application server to validate XML code before it reaches the application.