ISC2 CCSP Exam Questions Instant Access - No Installation Required

Question 1

Identity and access management (IAM) is a security discipline that ensures which of the following?

AThat all users are properly authorized

BThat the right individual gets access to the right resources at the right time for the right reasons.

CThat all users are properly authenticated

DThat unauthorized users will get access to the right resources at the right time for the right reasons

Answer : B

Options A and C are also correct, but included in B, making B the best choice. D is incorrect, because we don't want unauthorized users gaining access.

Question 2

Cloud systems are increasingly used for BCDR solutions for organizations.

What aspect of cloud computing makes their use for BCDR the most attractive?

AOn-demand self-service

BMeasured service

CPortability

DBroad network access

Answer : B

Business continuity and disaster recovery (BCDR) solutions largely sit idle until they are actually needed. This traditionally has led to increased costs for an organization because physical hardware must be purchased and operational but is not used. By using a cloud system, an organization will only pay for systems when they are being used and only for the duration of use, thus eliminating the need for extra hardware and costs. Portability is the ability to easily move services among different cloud providers. Broad network access allows access to users and staff from anywhere and from different clients, and although this would be important for a BCDR situation, it is not the best answer in this case. On-demand self-service allows users to provision services automatically and when needed, and although this too would be important for BCDR situations, it is not the best answer because it does not address costs or the biggest benefits to an organization.

Question 3

Which protocol, as a part of TLS, handles the actual secure communications and transmission of data?

ANegotiation

BHandshake

CTransfer

DRecord

Answer : D

The TLS record protocol is the actual secure communications method for transmitting data; it's responsible for encrypting and authenticating packets throughout their transmission between the parties, and in some cases it also performs compression. The TLS handshake protocol is what negotiates and establishes the TLS connection between two parties and enables the secure communications channel to then handle data transmissions. Negotiation and transfer are not protocols under TLS.

Question 4

What is the concept of segregating information or processes, within the same system or application, for security reasons?

Afencing

BSandboxing

CCellblocking

DPooling

Answer : B

Sandboxing involves segregating and isolating information or processes from others within the same system or application, typically for security concerns. This is generally used for data isolation (for example, keeping different communities and populations of users isolated from other similar data).

Question 5

Which of the following best describes the Organizational Normative Framework (ONF)?

AA set of application security, and best practices, catalogued and leveraged by the organization

BA container for components of an application's security, best practices catalogued and leveraged by the organization

CA framework of containers for some of the components of application security, best practices, catalogued and leveraged by the organization

DA framework of containers for all components of application security, best practices, catalogued and leveraged by the organization.

Answer : D

Option B is incorrect, because it refers to a specific applications security elements, meaning it is about an ANF, not the ONF. C is true, but not as complete as D, making D the better choice. C suggests that the framework contains only ''some'' of the components, which is why B (which describes ''all'' components) is better

Question 6

Which of the following roles involves the provisioning and delivery of cloud services?

ACloud service deployment manager

BCloud service business manager

CCloud service manager

DCloud service operations manager

Answer : C

The cloud service manager is responsible for the delivery of cloud services, the provisioning of cloud services, and the overall management of cloud services.

Question 7

What is used for local, physical access to hardware within a data center?

ASSH

BKVM

CVPN

DRDP

Answer : B

Local, physical access in a data center is done via KVM (keyboard, video, mouse) switches.

ISC2 Certified Cloud Security Professional CCSP Exam Questions