ISC2 CCSP Exam Practice Test Instant Access

Question 1

Why does a Type 1 hypervisor typically offer tighter security controls than a Type 2 hypervisor?

AA Type 1 hypervisor also controls patching of its hosted virtual machines ensure they are always secure.

BA Type 1 hypervisor is tied directly to the bare metal and only runs with code necessary to perform its specific mission.

CA Type 1 hypervisor performs hardware-level encryption for tighter security and efficiency.

DA Type 1 hypervisor only hosts virtual machines with the same operating systems as the hypervisor.

Answer : B

Type 1 hypervisors run directly on top of the bare metal and only contain the code and functions required to perform their purpose. They do not rely on any other systems or contain extra features to secure.

Question 2

Which of the following frameworks focuses specifically on design implementation and management?

AISO 31000:2009

BISO 27017

CNIST 800-92

DHIPAA

Answer : A

ISO 31000:2009 specifically focuses on design implementation and management. HIPAA refers to health care regulations, NIST 800-92 is about log management, and ISO 27017 is about cloud specific security controls.

Question 3

Which of the following threat types involves an application that does not validate authorization for portions of itself after the initial checks?

AInjection

BMissing function-level access control

CCross-site request forgery

DCross-site scripting

Answer : B

It is imperative that an application perform checks when each function or portion of the application is accessed, to ensure that the user is properly authorized to access it. Without continual checks each time a function is accessed, an attacker could forge requests to access portions of the application where authorization has not been granted.

Question 4

Which of the following represents a prioritization of applications or cloud customers for the allocation of additional requested resources when there is a limitation on available resources?

AProvision

BLimit

CReservation

DShare

Answer : D

The concept of shares within a cloud environment is used to mitigate and control the request for resource allocations from customers that the environment may not have the current capability to allow. Shares work by prioritizing hosts within a cloud environment through a weighting system that is defined by the cloud provider. When periods of high utilization and allocation are reached, the system automatically uses scoring of each host based on its share value to determine which hosts get access to the limited resources still available. The higher the value a particular host has, the more resources it will be allowed to utilize.

Question 5

Which of the following is a commonly used tool for maintaining system configurations?

AMaestro

BOrchestrator

CPuppet

DConductor

Answer : C

Puppet is a commonly used tool for maintaining system configurations based on policies, and done so from a centralized authority.

Question 6

What must SOAP rely on for security?

AEncryption

BTokenization

CTLS

DSSL

Answer : A

Simple Object Access Protocol (SOAP) uses Extensible Markup Language (XML) for passing data, and it must rely on the encryption of those data packages for security.

Question 7

What does SDN stand for within a cloud environment?

ASoftware-dynamic networking

BSoftware-defined networking

CSoftware-dependent networking

DSystem-dynamic nodes

Answer : B

Software-defined networking separates the administration of network filtering and network forwarding to allow for distributed administration.

ISC2 Certified Cloud Security Professional CCSP Exam Practice Test