CCSP Exam topics /
freecram test with
100% correct answers
Which of the following standards primarily pertains to cabling
designs and setups in a data center?
A. IDCA
B. BICSI
C. NFPA
D. Uptime Institute
B. BICSI
Which of the following publishes the most commonly used standard
for data center design in regard to tiers and topologies?
A. IDCA
B. Uptime Institute
C. NFPA
D. BICSI
B. Uptime Institute
Which United States program was designed to enable organizations
to bridge the gap between privacy laws and requirements of the
United States and the European Union?
A. GLBA
B. HIPAA
C. Safe Harbor
D. SOX
C. Safe Harbor
Which protocol allows a system to use block-level storage as if it
was a SAN, but over TCP network traffic instead?
A. SATA
B. iSCSI
C. TLS
D. SCSI
,B. iSCSI
Which of the following threat types involves the sending of
untrusted data to a user's browser to be executed with their own
credentials and access?
A. Missing function level access control
B. Cross-site scripting
C. Cross-site request forgery
D. Injection
B. Cross-site scripting
Which of the following pertains to a macro level approach to data
center design rather than the traditional tiered approach to data
centers?
A. IDCA
B. NFPA
C. BICSI
D. Uptime Institute
A. IDCA
Which of the following threat types can occur when an application
does not properly validate input and can be leveraged to send users
to malicious sites that appear to be legitimate?
A. Unvalidated redirects and forwards
B. Insecure direct object references
C. Security miscomfiguration
D. Sensitive data exposure
A. Unvalidated redirects and forwards
Which of the following threat types involves an application
developer leaving references to internal information and
configurations in code that is exposed to the client?
A. Sensitive data exposure
B. Security misconfiguration
C. Insecure direct object references
D. Unvalidated redirect and forwards
C. Insecure direct object references
Which one of the following threat types to applications and services
involves the sending of requests that are invalid and manipulated
through a user's client to execute commands on the application
under the user's own credentials?
A. Injection
, B. Missing function-level access control
C. Cross-site scripting
D. Cross-site request forgery
D. Cross-site request forgery
Different certifications and standards take different approaches to
data center design and operations. Although many traditional
approaches use a tiered methodology, which of the following utilizes
a macro-level approach to data center design?
A. IDCA
B. BICSI
C. Uptime Institute
D. NFPA
A. IDCA
Data center and operations design traditionally takes a tiered,
topological approach.Which of the following standards is focused on
that approach and is prevalently used throughout the industry?
A. IDCA
B. NFPA
C. BICSI
D. Uptime Institute
D. Uptime Institute
Which of the following threat types involves leveraging a user's
browser to send untrusted data to be executed with legitimate
access via the user's valid credentials?
A. Injection
B. Missing function-level access control
C. Cross-site scripting
D. Cross-site request forgery
C. Cross-site scripting
Many different common threats exist against web-exposed services
and applications. One attack involves attempting to leverage input
fields to execute queries in a nested fashion that is unintended by
the developers.What type of attack is this?
A. Injection
B. Missing function-level access control
C. Cross-site scripting
D. Cross-site request forgery
A. Injection
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller BRAINBOOSTERS. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $14.99. You're not tied to anything after your purchase.