ISC-CCSP

Which of the following are the storage types associated with IaaS?

Which technology can be useful during the "share" phase of the cloud data lifecycle to continue to protect data as it leaves the original system and security controls?

Which of the following storage types is most closely associated with a traditional file system and tree structure?

Which of the following represents a prioritization of applications or cloud customers for the allocation of additional requested resources when there is a limitation on available resources?

Which type of audit report does many cloud providers use to instill confidence in their policies, practices, and procedures to current and potential customers?

Which of the following statements accurately describes VLANs?

What must be secured on physical hardware to prevent unauthorized access to systems?

What type of PII is regulated based on the type of application or per the conditions of the specific hosting agreement?

Which of the following security technologies is commonly used to give administrators access into trust zones within an environment?

Which concept BEST describes the capability for a cloud environment to automatically scale a system or application, based on its current resource demands?

If you're using iSCSI in a cloud environment, what must come from an external protocol or application?

Which of the following pertains to a macro level approach to data center design rather than the traditional tiered approach to data centers?

What does the REST API support that SOAP does NOT support?

Why does a Type 1 hypervisor typically offer tighter security controls than a Type 2 hypervisor?

Which of the following are the storage types associated with PaaS?

Which of the following threat types can occur when baselines are not appropriately applied or unauthorized changes are made?

What is the data encapsulation used with the SOAP protocol referred to?

Which of the following threat types can occur when an application does not properly validate input and can be leveraged to send users to malicious sites that appear to be legitimate?

Which publication from the United States National Institute of Standards and Technology pertains to defining cloud concepts and definitions for the various core components of cloud computing?

What is the biggest negative to leasing space in a data center versus building or maintain your own?

Which aspect of archiving must be tested regularly for the duration of retention requirements?

Which of the following represents a minimum guaranteed resource within a cloud environment for the cloud customer?

When is a virtual machine susceptible to attacks while a physical server in the same state would not be?

Which of the following threat types involves an application developer leaving references to internal information and configurations in code that is exposed to the client?

Which of the following is the biggest concern or challenge with using encryption?

Which of the following would NOT be considered part of resource pooling with an Infrastructure as a Service implementation?

Which technology is NOT commonly used for security with data in transit?

Which of the following roles is responsible for gathering metrics on cloud services and managing cloud deployments and the deployment processes?

Which of the following is considered an external redundancy for a data center?

Which of the following is the optimal humidity level for a data center, per the guidelines established by the America Society of Heating, Refrigeration, and AirConditioning Engineers (ASHRAE)?