(ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests (eBook)

eBook download: EPUB
2022 | 3rd edition
400 pages
Sybex (publisher)
978-1-119-90942-2 (ISBN)

(ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests -  Mike Chapple,  David Seidl

The only official CCSP practice test product endorsed by (ISC)2

With over 850 practice questions all new for the 2022-2025 exam objectives, (ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests, 3rd Edition gives you the opportunity to test your level of understanding and gauge your readiness for the Certified Cloud Security Professional (CCSP) exam long before the big day. These questions cover 100% of the CCSP exam domains and include answers with full explanations to help you understand the reasoning and approach for each. Logical organization by domain allows you to practice only the areas you need to bring you up to par, without wasting precious time on topics you’ve already mastered.

As the only official practice test product for the CCSP exam endorsed by (ISC)2, this essential resource is your best bet for gaining a thorough understanding of the topic. It also illustrates the relative importance of each domain, helping you plan your remaining study time so you can go into the exam fully confident in your knowledge.

When you’re ready, two practice exams allow you to simulate the exam day experience and apply your own test-taking strategies with domains given in proportion to the real thing. The online learning environment and practice exams are the perfect way to prepare and make your progress easy to track.

For this new Third Edition, cloud security experts Mike Chapple and David Seidl have delivered an all-new question set for the new CCSP 2022-2025 objectives. These authors are well known for their best-selling (ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests and now they’ve joined forces again to deliver the same high caliber practice questions for the CCSP exam.

Mike Chapple, PhD, CISSP, CCSP, is a bestselling author and Teaching Professor of Information Technology, Analytics, and Operations at Notre Dame's Mendoza College of Business. He is also the Academic Director of the University's Master of Science in Business Analytics program and holds multiple technical certifications, including the SSCP, CIPP/US, CySA+, CISM, PenTest+, and Security+. David Seidl, CISSP, is Vice President for Information Technology and Chief Information Officer at Miami University. He holds multiple technical certifications including GPEN, GCIH, Pentest+ and CySA+ and has written books on security certification and cyberwarfare.

Introduction

Chapter 1 Domain 1: Cloud Concepts, Architecture, and Design

Chapter 2 Domain 2: Architecture and Design

Chapter 3 Domain 3: Cloud Platform and Infrastructure Security

Chapter 4 Domain 4: Cloud Application Security

Chapter 5 Domain 5: Cloud Security Operations

Chapter 6 Domain 6: Legal, Risk, and Compliance

Chapter 7 Practice Test 1

Chapter 8 Practice Test 2

Appendix Answers to Review Questions

Chapter 1: Domain 1: Cloud Concepts, Architecture, and Design

Chapter 2: Domain 2: Architecture and Design

Chapter 3: Domain 3: Cloud Platform and Infrastructure Security

Chapter 4: Domain 4: Cloud Application Security

Chapter 5: Domain 5: Cloud Security Operations

Chapter 6: Domain 6: Legal, Risk, and Compliance

Chapter 7: Practice Test 1

Chapter 8: Practice Test 2

Index

Chapter 1
Domain 1: Cloud Concepts, Architecture, and Design


SUBDOMAINS:


  • 1.1 Understand cloud computing concepts
  • 1.2 Describe cloud reference architecture
  • 1.3 Understand security concepts relevant to cloud computing
  • 1.4 Understand design principles of cloud computing
  • 1.5 Evaluate cloud service providers
  1. Matthew is reviewing a new cloud service offering that his organization plans to adopt. In this offering, a cloud provider will create virtual server instances under the multitenancy model. Each server instance will be accessible only to Matthew's company. What cloud deployment model is being used?
    1. Hybrid cloud
    2. Public cloud
    3. Private cloud
    4. Community cloud
  2. Zeke is responsible for sanitizing a set of solid-state drives (SSDs) removed from servers in his organization's datacenter. The drives will be reused on a different project. Which one of the following sanitization techniques would be most effective?
    1. Cryptographic erasure
    2. Physical destruction
    3. Degaussing
    4. Overwriting
  3. Tina would like to use a technology that will allow her to bundle up workloads and easily move them between different operating systems. What technology would best meet this need?
    1. Virtual machines
    2. Serverless computing
    3. Hypervisors
    4. Containers
  4. Under the cloud reference architecture, which one of the following activities is not generally part of the responsibilities of a customer?
    1. Monitor services
    2. Prepare systems
    3. Perform business administration
    4. Handle problem reports
  5. Seth is helping his organization move their web server cluster to a cloud provider. The goal of this move is to provide the cluster with the ability to grow and shrink based on changing demand. What characteristic of cloud computing is Seth hoping to achieve?
    1. Scalability
    2. On-demand self service
    3. Elasticity
    4. Broad network access
  6. Sherry is deploying a zero-trust network architecture for her organization. In this approach, which one of the following characteristics would be least important in validating a login attempt?
    1. User identity
    2. IP address
    3. Geolocation
    4. Nature of requested access
  7. Which one of the following hypervisor models is the most resistant to attack?
    1. Type 1
    2. Type 2
    3. Type 3
    4. Type 4
  8. Joe is using a virtual server instance running on a public cloud provider and would like to restrict the ports on that server accessible from the internet. What security control would best allow him to meet this need?
    1. Geofencing
    2. Traffic inspection
    3. Network firewall
    4. Network security groups
  9. Which one of the following cybersecurity threats is least likely to directly affect an object storage service?
    1. Disk failure
    2. User error
    3. Ransomware
    4. Virus
  10. Vince would like to be immediately alerted whenever a user with access to a sensitive cloud service leaves a defined physical area. What type of security control should he implement?
    1. Intrusion prevention system
    2. Geofencing
    3. Firewall rule
    4. Geotagging
  11. Which one of the following characteristics is not a component of the standard definition of cloud computing?
    1. Broad network access
    2. Rapid provisioning
    3. Multitenancy
    4. On-demand self service
  12. Which one of the following sources provides a set of vendor-neutral design patterns for cloud security?
    1. Cloud Security Alliance
    2. Amazon Web Services
    3. Microsoft
    4. (ISC)2
  13. Lori is using an API to access sensitive information stored in a cloud service. What cloud secure data lifecycle activity is Lori engaged in?
    1. Store
    2. Use
    3. Destroy
    4. Create
  14. Helen would like to provision a disk volume in the cloud that is mountable from a server. What cloud capability does she want?
    1. Virtualized server
    2. Object storage
    3. Network capacity
    4. Block storage
  15. Ben is using the sudo command to carry out operations on a Linux server. What type of access is he using?
    1. Service access
    2. Unauthorized access
    3. User access
    4. Privileged access
  16. Which one of the following cryptographic goals protects against the risks posed when a device is lost or stolen?
    1. Nonrepudiation
    2. Authentication
    3. Integrity
    4. Confidentiality
  17. Which type of business impact assessment tool is most appropriate when attempting to evaluate the impact of a failure on customer confidence?
    1. Quantitative
    2. Qualitative
    3. Annualized loss expectancy
    4. Single loss expectancy
  18. Robert is reviewing a system that has been assigned the EAL2 evaluation assurance level under the Common Criteria. What is the highest level of assurance that he may have about the system?
    1. It has been functionally tested.
    2. It has been structurally tested.
    3. It has been formally verified, designed, and tested.
    4. It has been semi-formally designed and tested.
  19. Jake would like to use a third-party platform to automatically move workloads between cloud service providers. What type of tool would best meet this need?
    1. Cloud access service broker
    2. Database
    3. Virtualization
    4. Orchestration
  20. Robert is responsible for securing systems used to process credit card information. What security control framework should guide his actions?
    1. HIPAA
    2. PCI DSS
    3. SOX
    4. GLBA
  21. What type of effort attempts to bring all of an organization's cloud activities under more centralized control?
    1. Cloud access service broker
    2. Cloud orchestration
    3. Cloud governance
    4. Cloud migration
  22. Chris is designing a cryptographic system for use within his company. The company has 1,000 employees, and they plan to use an asymmetric encryption system. They would like the system to be set up so that any pair of arbitrary users may communicate privately. How many total keys will they need?
    1. 500
    2. 1,000
    3. 2,000
    4. 4,950
  23. Erin is concerned about the risk that a cloud provider used by her organization will fail, so she is creating a strategy that will combine resources from multiple public cloud providers. What term best describes this strategy?
    1. Community cloud
    2. Multicloud
    3. Private cloud
    4. Hybrid cloud
  24. Which one of the following would normally be considered an application capability of a cloud service provider?
    1. Network capacity
    2. Hosted email
    3. Block storage
    4. Serverless computing
  25. What activity are cloud providers able to engage in because not all users will access the full capacity of their service offering simultaneously?
    1. Oversubscription
    2. Overprovisioning
    3. Underprovisioning
    4. Undersubscription
  26. Brian recently joined an organization that runs the majority of its services on a virtualization platform located in its own datacenter but also leverages an IaaS provider for hosting its web services and an SaaS email system. What term best describes the type of cloud environment this organization uses?
    1. Public cloud
    2. Dedicated cloud
    3. Private cloud
    4. Hybrid cloud
  27. In an infrastructure as a service (IaaS) environment where a vendor supplies a customer with access to storage services, who is normally responsible for removing sensitive data from drives that are taken out of service?
    1. Customer's security team
    2. Customer's storage team
    3. Customer's vendor management team
    4. Vendor
  28. Lucca is reviewing his organization's disaster recovery process data and notes that the MTD for the business's main website is two hours. What does he know about the RTO for the site when he does testing and validation?
    1. It needs to be less than two hours.
    2. It needs to be at least two hours.
    3. The MTD is too short and needs to be longer.
    4. The RTO is too short and needs to be longer.
  29. Alice and Bob would like to use an asymmetric cryptosystem to communicate with each other. They are located in different parts of the country but have exchanged encryption keys by using digital certificates signed by a mutually trusted certificate authority.

    When Bob receives an encrypted message from Alice, what key does he use to decrypt the plaintext message's contents?

    1. Alice's public key
    2. Alice's private key
    3. Bob's public key
    4. Bob's private key
  30. Jen works for an organization that assists other companies in moving their operations from on-premises datacenters to the cloud. Jen's company does not operate their own cloud services but assists in the use of services offered by other organizations. What term best describes the role of Jen's company?
    1. Cloud service customer
    2. Cloud service partner
    3. Cloud service provider
    4. Cloud service...

Publication date (per publisher): 21.9.2022
Language: English
Subject areas: Mathematics / Computer Science, Computer Science, Networks; Social Sciences, Education
Keywords: Certification (MSCE, Novell, etc.) • Computer Science • Networking / Security • Network • Network security • Exam preparation • Test Prep
ISBN-10: 1-119-90942-2 / 1119909422
ISBN-13: 978-1-119-90942-2 / 9781119909422
Format: EPUB (Adobe DRM)
Size: 1.6 MB
