CCSP Free Practice Test

- (Exam Topic 4)
Best practices for key management include all of the following, except:

1. A. Ensure multifactor authentication
2. B. Pass keys out of band
3. C. Have key recovery processes
4. D. Maintain key security

Correct Answer: A
We should do all of these except for requiring multifactor authentication, which is pointless in key management.

- (Exam Topic 3)
Which of the following aspects of cloud computing would make it more likely that a cloud provider would be unwilling to satisfy specific certification requirements?

1. A. Regulation
2. B. Multitenancy
3. C. Virtualization
4. D. Resource pooling

Correct Answer: B
With cloud providers hosting a number of different customers, it would be impractical for them to pursue additional certifications based on the needs of a specific customer. Cloud environments are built to a common denominator to serve the greatest number of customers. Especially within a public cloud model, it is not possible or practical for a cloud provider to alter its services for specific customer demands. Resource pooling and virtualization within a cloud environment would be the same for all customers, and would not impact certifications that a cloud provider might be willing to pursue. Regulations would form the basis for
certification problems and would be a reason for a cloud provider to pursue specific certifications to meet customer requirements.

- (Exam Topic 2)
Which of the following service categories entails the least amount of support needed on the part of the cloud customer?

1. A. SaaS
2. B. IaaS
3. C. DaaS
4. D. PaaS

Correct Answer: A
With SaaS providing a fully functioning application that is managed and maintained by the cloud provider, cloud customers incur the least amount of support responsibilities themselves of any service category.

- (Exam Topic 1)
Which type of cloud model typically presents the most challenges to a cloud customer during the "destroy" phase of the cloud data lifecycle?

1. A. IaaS
2. B. DaaS
3. C. SaaS
4. D. PaaS

Correct Answer: C
With many SaaS implementations, data is not isolated to a particular customer but rather is part of the overall application. When it comes to data destruction, a particular challenge is ensuring that all of a customer's data is completely destroyed while not impacting the data of other customers.

- (Exam Topic 1)
What must be secured on physical hardware to prevent unauthorized access to systems?

1. A. BIOS
2. B. SSH
3. C. RDP
4. D. ALOM

Correct Answer: A
BIOS is the firmware that governs the physical initiation and boot up of a piece of hardware. If it is compromised, an attacker could have access to hosted systems and make configurations changes to expose or disable some security elements on the system.