2024年更新のISC Cloud Securityが有効なCCSP問題集を無料提供しています [Q238-Q259]

Share

2024年更新のISC Cloud Securityが有効なCCSP問題集を無料提供しています

最新のFast2test CCSPのPDF問題集をダウンロードしちゃおう:https://jp.fast2test.com/CCSP-premium-file.html(830問題と解答)

質問 # 238
When an organization is considering a cloud environment for hosting BCDR solutions, which of the following would be the greatest concern?

  • A. Availability
  • B. Self-service
  • C. Resource pooling
  • D. Location

正解:D

解説:
Explanation
If an organization wants to use a cloud service for BCDR, the location of the cloud hosting becomes a very important security consideration due to regulations and jurisdiction, which could be dramatically different from the organization's normal hosting locations. Availability is a hallmark of any cloud service provider, and likely will not be a prime consideration when an organization is considering using a cloud for BCDR; the same goes for self-service options. Resource pooling is common among all cloud systems and would not be a concern when an organization is dealing with the provisioning of resources during a disaster.


質問 # 239
Different certifications and standards take different approaches to data center design and operations. Although many traditional approaches use a tiered methodology, which of the following utilizes a macro- level approach to data center design?

  • A. Uptime Institute
  • B. NFPA
  • C. BICSI
  • D. IDCA

正解:D

解説:
The Infinity Paradigm of the International Data Center Authority (IDCA) takes a macro-level approach to data center design. The IDCA does not use a specific, focused approach on specific components to achieve tier status. Building Industry Consulting Services International (BICSI) issues certifications for data center cabling. The National Fire Protection Association (NFPA) publishes a broad range of fire safety and design standards for many different types of facilities.
The Uptime Institute publishes the most widely known and used standard for data center topologies and tiers.


質問 # 240
When an API is being leveraged, it will encapsulate its data for transmission back to the requesting party or service.
What is the data encapsulation used with the SOAP protocol referred to as?

  • A. Packet
  • B. Payload
  • C. Envelope
  • D. Object

正解:C

解説:
Explanation
Explanation:
Simple Object Access Protocol (SOAP) encapsulates its information in what is known as a SOAP envelope. It then leverages common communications protocols for transmission. Object is a type of cloud storage, but also a commonly used term with certain types of programming languages. Packet and payload are terms that sound similar to envelope but are not correct in this case.


質問 # 241
Identity and access management (IAM) is a security discipline that ensures which of the following?

  • A. That unauthorized users will get access to the right resources at the right time for the right reasons
  • B. That all users are properly authenticated
  • C. That the right individual gets access to the right resources at the right time for the right reasons.
  • D. That all users are properly authorized

正解:C

解説:
Options A and C are also correct, but included in B, making B the best choice. D is incorrect, because we don't want unauthorized users gaining access.


質問 # 242
Maintenance mode requires all of these actions except:

  • A. Ensure logging continues
  • B. Initiate enhanced security controls
  • C. Prevent new logins
  • D. Remove all active production instances

正解:B

解説:
Explanation
While the other answers are all steps in moving from normal operations to maintenance mode, we do not necessarily initiate any enhanced security controls.


質問 # 243
Which of the following terms is NOT a commonly used category of risk acceptance?

  • A. Critical
  • B. Moderate
  • C. Minimal
  • D. Accepted

正解:D

解説:
Explanation
Explanation
Accepted is not a risk acceptance category. The risk acceptance categories are minimal, low, moderate, high, and critical.


質問 # 244
Although much of the attention given to data security is focused on keeping data private and only accessible by authorized individuals, of equal importance is the trustworthiness of the data.
Which concept encapsulates this?

  • A. Accessibility
  • B. Integrity
  • C. Validity
  • D. Confidentiality

正解:B

解説:
Integrity refers to the trustworthiness of data and whether its format and values are true and have not been corrupted or otherwise altered through unauthorized means. Confidentiality refers to keeping data from being access or viewed by unauthorized parties. Accessibility means that data is available and ready when needed by a user or service. Validity can mean a variety of things that are somewhat similar to integrity, but it's not the most appropriate answer in this case.


質問 # 245
Which cloud service category would be most ideal for a cloud customer that is developing software to test its applications among multiple hosting providers to determine the best option for its needs?

  • A. PaaS
  • B. IaaS
  • C. SaaS
  • D. DaaS

正解:A

解説:
Platform as a Service would allow software developers to quickly and easily deploy their applications among different hosting providers for testing and validation in order to determine the best option. Although IaaS would also be appropriate for hosting applications, it would require too much configuration of application servers and libraries in order to test code. Conversely, PaaS would provide a ready-to-use environment from the onset.
DaaS would not be appropriate in any way for software developers to use to deploy applications. IaaS would not be appropriate in this scenario because it would require the developers to also deploy and maintain the operating system images or to contract with another firm to do so. SaaS, being a fully functional software platform, would not be appropriate for deploying applications into.


質問 # 246
What is the correct order of the phases of the data life cycle?

  • A. Create, Archive, Store, Share, Use, Destroy
  • B. Create, Use, Store, Share, Archive, Destroy
  • C. Create, Store, Use, Share, Archive, Destroy
  • D. Create, Store, Use, Archive, Share, Destroy

正解:C

解説:
Explanation/Reference:
Explanation:
The other options are the names of the phases, but out of proper order.


質問 # 247
All of the following are terms used to described the practice of obscuring original raw data so that only a portion is displayed for operational purposes, except:

  • A. Masking
  • B. Tokenization
  • C. Obfuscation
  • D. Data discovery

正解:D

解説:
Data discovery is a term used to describe the process of identifying information according to specific traits or categories. The rest are all methods for obscuring data.


質問 # 248
All the following are data analytics modes, except:

  • A. Datamining
  • B. Agile business intelligence
  • C. Refractory iterations
  • D. Real-time analytics

正解:C

解説:
All the others are data analytics methods, but "refractory iterations" is a nonsense term thrown in as a red herring.


質問 # 249
Which of the following is considered a technological control?

  • A. Fire extinguisher
  • B. Fireproof safe
  • C. Firing personnel
  • D. Firewall software

正解:D

解説:
Explanation/Reference:
Explanation:
A firewall is a technological control. The safe and extinguisher are physical controls and firing someone is an administrative control.


質問 # 250
Which of the cloud deployment models is used by popular services such as iCloud, Dropbox, and OneDrive?

  • A. Private
  • B. Community
  • C. Public
  • D. Hybrid

正解:C

解説:
Popular services such as iCloud, Dropbox, and OneDrive are all publicly available and are open to any user for free, with possible add-on services offered for a cost.


質問 # 251
Which of the following tasks within a SaaS environment would NOT be something the cloud customer would be responsible for?

  • A. Authentication mechanism
  • B. Branding
  • C. User access
  • D. Training

正解:A

解説:
Explanation/Reference:
Explanation:
The authentication mechanisms and implementations are the responsibility of the cloud provider because they are core components of the application platform and service. Within a SaaS implementation, the cloud customer will provision user access, deploy branding to the application interface (typically), and provide or procure training for its users.


質問 # 252
Each of the following is an element of the Identification phase of the identity and access management (IAM) process except _____________.
Response:

  • A. Deprovisioning
  • B. Inversion
  • C. Provisioning
  • D. Management

正解:B


質問 # 253
What must be secured on physical hardware to prevent unauthorized access to systems?

  • A. BIOS
  • B. RDP
  • C. SSH
  • D. ALOM

正解:A

解説:
BIOS is the firmware that governs the physical initiation and boot up of a piece of hardware. If it is compromised, an attacker could have access to hosted systems and make configurations changes to expose or disable some security elements on the system.


質問 # 254
Within a SaaS environment, what is the responsibility on the part of the cloud customer in regard to procuring the software used?

  • A. Licensing
  • B. Purchasing
  • C. Development
  • D. Maintenance

正解:A

解説:
Explanation/Reference:
Explanation:
Within a SaaS implementation, the cloud customer licenses the use of the software from the cloud provider because SaaS delivers a fully functional application to the customer. With SaaS, the cloud provider is responsible for the entire software application and any necessary infrastructure to develop, run, and maintain it. The purchasing, development, and maintenance are fully the responsibility of the cloud provider.


質問 # 255
Which of the following is NOT a core component of an SIEM solution?
Response:

  • A. Compliance
  • B. Correlation
  • C. Aggregation
  • D. Escalation

正解:D


質問 # 256
When an organization is considering the use of cloud services for BCDR planning and solutions, which of the following cloud concepts would be the most important?

  • A. Elasticity
  • B. Reversibility
  • C. Interoperability
  • D. Portability

正解:D

解説:
Portability is the ability for a service or system to easily move among different cloud providers. This is essential for using a cloud solution for BCDR because vendor lock-in would inhibit easily moving and setting up services in the event of a disaster, or it would necessitate a large number of configuration or component changes to implement. Interoperability, or the ability to reuse components for other services or systems, would not be an important factor for BCDR. Reversibility, or the ability to remove all data quickly and completely from a cloud environment, would be important at the end of a disaster, but would not be important during setup and deployment. Elasticity, or the ability to resize resources to meet current demand, would be very beneficial to a BCDR situation, but not as vital as portability.


質問 # 257
Which of the following is a management role, versus a technical role, as it pertains to data management and oversight?

  • A. Data custodian
  • B. Data owner
  • C. Database administrator
  • D. Data processor

正解:B

解説:
Explanation/Reference:
Explanation:
Data owner is a management role that's responsible for all aspects of how data is used and protected. The database administrator, data custodian, and data processor are all technical roles that involve the actual use and consumption of data, or the implementation of security controls and policies with the data.


質問 # 258
Which of the following threat types involves an application developer leaving references to internal information and configurations in code that is exposed to the client?

  • A. Security misconfiguration
  • B. Sensitive data exposure
  • C. Unvalidated redirect and forwards
  • D. Insecure direct object references

正解:D

解説:
An insecure direct object reference occurs when a developer has in their code a reference to something on the application side, such as a database key, the directory structure of the application, configuration information about the hosting system, or any other information that pertains to the workings of the application that should not be exposed to users or the network. Unvalidated redirects and forwards occur when an application has functions to forward users to other sites, and these functions are not properly secured to validate the data and redirect requests, allowing spoofing for malware of phishing attacks.
Sensitive data exposure occurs when an application does not use sufficient encryption and other security controls to protect sensitive application data. Security misconfigurations occur when applications and systems are not properly configured or maintained in a secure manner.


質問 # 259
......

実験された試験材料はCCSP:https://jp.fast2test.com/CCSP-premium-file.html

最新CCSPリアル試験問題をフォローせよ!:https://drive.google.com/open?id=1HuIQVRHsJX1NRKlLAQ0GB8sQYKn7sfYe


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어