CCSP Free Practice Test

- (Exam Topic 1)
Because PaaS implementations are so often used for software development, what is one of the vulnerabilities that should always be kept in mind?
Response:

1. A. Malware
2. B. Loss/theft of portable devices
3. C. Backdoors
4. D. DoS/DDoS

Correct Answer: C

- (Exam Topic 2)
The Open Web Application Security Project (OWASP) Top Ten is a list of web application security threats that is composed by a member-driven OWASP committee of application development experts and published approximately every 24 months. The 2013 OWASP Top Ten list includes “using components with known vulnerabilities.”
Why would an organization ever use components with known vulnerabilities to create software? Response:

1. A. The organization is insured.
2. B. The particular vulnerabilities only exist in a context not being used by developers.
3. C. Some vulnerabilities only exist in foreign countries.
4. D. A component might have a hidden vulnerability.

Correct Answer: B

- (Exam Topic 2)
What could be the result of failure of the cloud provider to secure the hypervisor in such a way that one user on a virtual machine can see the resource calls of another user’s virtual machine?
Response:

1. A. Unauthorized data disclosure
2. B. Inference attacks
3. C. Social engineering
4. D. Physical intrusion

Correct Answer: B

- (Exam Topic 1)
Which of the following is not typically included as a basic phase of the software development life cycle?

1. A. Define
2. B. Design
3. C. Describe
4. D. Develop

Correct Answer: C

- (Exam Topic 1)
Which of the following practices can enhance both operational capabilities and configuration management efforts?
Response:

1. A. Regular backups
2. B. Constant uptime
3. C. Multifactor authentication
4. D. File hashes

Correct Answer: D