CCSP Free Practice Test

- (Exam Topic 1)
Which of the following roles involves testing, monitoring, and securing cloud services for an organization?

1. A. Cloud service integrator
2. B. Cloud service business manager
3. C. Cloud service user
4. D. Cloud service administrator

Correct Answer: D
The cloud service administrator is responsible for testing cloud services, monitoring services, administering security for services, providing usage reports on cloud services, and addressing problem reports

- (Exam Topic 4)
Which of the following is the least challenging with regard to eDiscovery in the cloud?

1. A. Identifying roles such as data owner, controller and processor
2. B. Decentralization of data storage
3. C. Forensic analysis
4. D. Complexities of International law

Correct Answer: C
Forensic analysis is the least challenging of the answers provided as it refers to the analysis of data once it is obtained. The challenges revolve around obtaining the data for analysis due to the complexities of international law, the decentralization of data storage or difficulty knowing where to look, and identifying the data owner, controller, and processor.

- (Exam Topic 4)
What must SOAP rely on for security since it does not provide security as a built-in capability?

1. A. Encryption
2. B. Tokenization
3. C. TLS
4. D. SSL

Correct Answer: A
Simple Object Access Protocol (SOAP) uses Extensible Markup Language (XML) for data passing, and it must rely on the encryption of those data packages for security. TLS and SSL (before it was deprecated) represent two commons approaches to using encryption for protection of data transmissions. However, they are only two possible options and do not encapsulate the overall concept the question is looking for. Tokenization, which involves the replacement of sensitive data with opaque values, would not be appropriate for use with SOAP because the actual data is needed by the services.

- (Exam Topic 4)
DLP can be combined with what other security technology to enhance data controls?

1. A. DRM
2. B. Hypervisor
3. C. SIEM
4. D. Kerberos

Correct Answer: A
DLP can be combined with DRM to protect intellectual property; both are designed to deal with data that falls into special categories. SIEMs are used for monitoring event logs, not live data movement. Kerberos is an authentication mechanism. Hypervisors are used for virtualization.

- (Exam Topic 3)
A web application firewall (WAF) can understand and act on ______ traffic.
Response:

1. A. Malicious
2. B. SMTP
3. C. ICMP
4. D. HTTP

Correct Answer: D