CCSP Free Practice Test

- (Exam Topic 2)
Which approach is typically the most efficient method to use for data discovery?

1. A. Metadata
2. B. Content analysis
3. C. Labels
4. D. ACLs

Correct Answer: A
Metadata is data about data. It contains information about the type of data, how it is stored and organized, or information about its creation and use.

- (Exam Topic 3)
Many tools and technologies are available for securing or monitoring data in transit within a data center, whether it is a traditional data center or a cloud.
Which of the following is NOT a technology for securing data in transit?

1. A. VPN
2. B. TLS
3. C. DNSSEC
4. D. HTTPS

Correct Answer: C
DNSSEC is an extension of the normal DNS protocol that enables a system to verify the integrity of a DNS query resolution by signing it from the authoritative source and verifying the signing chain. It is not used for
securing data transmissions or exchanges. HTTPS is the most common method for securing web service and data calls within a cloud, and TLS is the current standard for encrypting HTTPS traffic. VPNs are widely used for securing data transmissions and service access.

- (Exam Topic 4)
Which of the following is NOT a major regulatory framework?

1. A. PCI DSS
2. B. HIPAA
3. C. SOX
4. D. FIPS 140-2

Correct Answer: D
FIPS 140-2 is a United States certification standard for cryptographic modules, and it provides guidance and requirements for their use based on the requirements of the data classification. However, these are not actual regulatory requirements. The Health Insurance Portability and Accountability Act (HIPAA), Sarbanes-Oxley Act (SOX), and the Payment Card Industry Data Security Standard (PCI DSS) are all major regulatory frameworks either by law or specific to an industry.

- (Exam Topic 2)
Which entity requires all collection and storing of data on their citizens to be done on hardware that resides within their borders?

1. A. Russia
2. B. France
3. C. Germany
4. D. United States

Correct Answer: A
Signed into law and effective starting on September 1, 2015, Russian Law 526-FZ establishes that any collecting, storing, or processing of personal information or data on Russian citizens must be done from systems and databases that are physically located with the Russian Federation.

- (Exam Topic 4)
All of the following are terms used to described the practice of obscuring original raw data so that only a portion is displayed for operational purposes, except:

1. A. Tokenization
2. B. Masking
3. C. Data discovery
4. D. Obfuscation

Correct Answer: C
Data discovery is a term used to describe the process of identifying information according to specific traits or categories. The rest are all methods for obscuring data.