CCSP Free Practice Test

- (Exam Topic 4)
Upon completing a risk analysis, a company has four different approaches to addressing risk. Which approach it takes will be based on costs, available options, and adherence to any regulatory requirements from independent audits.
Which of the following groupings correctly represents the four possible approaches?

1. A. Accept, avoid, transfer, mitigate
2. B. Accept, deny, transfer, mitigate
3. C. Accept, deny, mitigate, revise
4. D. Accept, dismiss, transfer, mitigate

Correct Answer: A
The four possible approaches to risk are as follows: accept (do not patch and continue with the risk), avoid (implement solutions to prevent the risk from occurring), transfer (take out insurance), and mitigate (change configurations or patch to resolve the risk). Each of these answers contains at least one incorrect approach name.

- (Exam Topic 1)
Which of the following is not a risk management framework?

1. A. COBIT
2. B. Hex GBL
3. C. ISO 31000:2009
4. D. NIST SP 800-37

Correct Answer: B
Hex GBL is a reference to a computer part in Terry Pratchett’s fictional Discworld universe. The rest are not.

- (Exam Topic 3)
If you are running an application that has strict legal requirements that the data cannot reside on systems that contain other applications or systems, which aspect of cloud computing would be prohibitive in this case?

1. A. Multitenancy
2. B. Broad network access
3. C. Portability
4. D. Elasticity

Correct Answer: A
Multitenancy is the aspect of cloud computing that involves having multiple customers and applications running within the same system and sharing the same resources. Although considerable mechanisms are in place to ensure isolation and separation, the data and applications are ultimately using shared resources. Broad network access refers to the ability to access cloud services from any location or client. Portability refers to the ability to easily move cloud services between different cloud providers, whereas elasticity refers to the capabilities of a cloud environment to add or remove services, as needed, to meet current demand.

- (Exam Topic 1)
What controls the formatting and security settings of a volume storage system within a cloud environment?

1. A. Management plane
2. B. SAN host controller
3. C. Hypervisor
4. D. Operating system of the host

Correct Answer: D
Once a storage LUN is allocated to a virtual machine, the operating system of that virtual machine will format, manage, and control the file system and security of the data on that LUN.

- (Exam Topic 1)
Which of the following roles is responsible for overseeing customer relationships and the processing of financial transactions?

1. A. Cloud service manager
2. B. Cloud service deployment
3. C. Cloud service business manager
4. D. Cloud service operations manager

Correct Answer: C
The cloud service business manager is responsible for overseeing business plans and customer relationships as well as processing financial transactions.