CCSP Free Practice Test

- (Exam Topic 4)
Which of the following areas of responsibility always falls completely under the purview of the cloud provider, regardless of which cloud service category is used?

1. A. Infrastructure
2. B. Data
3. C. Physical
4. D. Governance

Correct Answer: C
Regardless of the cloud service category used, the physical environment is always the sole responsibility of the cloud provider. In many instances, the cloud provider will supply audit reports or some general information about their physical security practices, especially to those customers or potential customers that may have regulatory requirements, but otherwise the cloud customer will have very little insight into the physical environment. With IaaS, the infrastructure is a shared responsibility between the cloud provider and cloud customer. With all cloud service categories, the data and governance are always the sole responsibility of the cloud customer.

- (Exam Topic 4)
When beginning an audit, both the system owner and the auditors must agree on various aspects of the final audit report.
Which of the following would NOT be something that is predefined as part of the audit agreement?

1. A. Size
2. B. Format
3. C. Structure
4. D. Audience

Correct Answer: A
The ultimate size of the audit report is not something that would ever be included in the audit scope or definition. Decisions about the content of the report should be the only factor that drives the ultimate size of the report. The structure, audience, and format of the audit report are all crucial elements that must be defined and agreed upon as part of the audit scope.

- (Exam Topic 2)
Where is an XML firewall most commonly deployed in the environment?

1. A. Between the application and data layers
2. B. Between the IPS and firewall
3. C. Between the presentation and application layers
4. D. Between the firewall and application server

Correct Answer: D
XML firewalls are most commonly deployed in line between the firewall and application server to validate XML code before it reaches the application.

- (Exam Topic 2)
Which of the cloud cross-cutting aspects relates to the assigning of jobs, tasks, and roles, as well as to ensuring they are successful and properly performed?

1. A. Service-level agreements
2. B. Governance
3. C. Regulatory requirements
4. D. Auditability

Correct Answer: B
Governance at its core is the idea of assigning jobs, takes, roles, and responsibilities and ensuring they are satisfactory performed.

- (Exam Topic 1)
Which of the following roles involves overseeing billing, purchasing, and requesting audit reports for an organization within a cloud environment?

1. A. Cloud service user
2. B. Cloud service business manager
3. C. Cloud service administrator
4. D. Cloud service integrator

Correct Answer: B
The cloud service business manager is responsible for overseeing business and billing administration, purchasing cloud services, and requesting audit reports when necessary