ISC-CCSP

To address shared monitoring and testing responsibilities in a cloud configuration, the provider might offer all these to the cloud customer except:

Which kind of SSAE audit report is most beneficial for a cloud customer, even though it's unlikely the cloud provider will share it?

When reviewing the BIA after a cloud migration, the organization should take into account new factors related to data breach impacts. One of these new factors is:

What is the term we use to describe the general ease and efficiency of moving data from one cloud provider either to another cloud provider or down from the cloud?

Countermeasures for protecting cloud operations against internal threats include all of the following except:

The cloud customer will have the most control of their data and systems, and the cloud provider will have the least amount of responsibility, in which cloud computing arrangement?

Countermeasures for protecting cloud operations against external attackers include all of the following except:

User access to the cloud environment can be administered in all of the following ways except:

Countermeasures for protecting cloud operations against internal threats include all of the following except:

Each of the following are dependencies that must be considered when reviewing the BIA after cloud migration except:

Because of multitenancy, specific risks in the public cloud that don't exist in the other cloud service models include all the following except:

What is the cloud service model in which the customer is responsible for administration of the OS?

All of the following are techniques to enhance the portability of cloud data, in order to minimize the potential of vendor lock-in except:

Hardening the operating system refers to all of the following except:

Which kind of SSAE audit report is a cloud customer most likely to receive from a cloud provider?

The cloud customer's trust in the cloud provider can be enhanced by all of the following except:

As a result of scandals involving publicly traded corporations such as Enron, WorldCom, and Adelphi, Congress passed legislation known as:

In addition to whatever audit results the provider shares with the customer, what other mechanism does the customer have to ensure trust in the provider's performance and duties?

The application normative framework is best described as which of the following?

Deviations from the baseline should be investigated and __________________.

Which of the following best describes the Organizational Normative Framework (ONF)?

A UPS should have enough power to last how long?

Which of the following best describes the purpose and scope of ISO/IEC 27034-1?

Which of the following best describes SAML?

Web application firewalls (WAFs) are designed primarily to protect applications from common attacks like:

APIs are defined as which of the following?

Which of the following best describes data masking?

Which of the following best describes a sandbox?

A localized incident or disaster can be addressed in a cost-effective manner by using which of the following?

In addition to battery backup, a UPS can offer which capability?