CCSP 2020 BEST EXAM STUDY by Brian
MacFarlane, CCSP | Standards &
Frameworks, ISO/IEC Standards,
WGU-C838-Pre-Assessment
What type of solutions enable enterprises or individuals to store data and computer files on the
Internet using a storage service provider rather than keeping the data locally on a physical disk
such as a hard drive or tape backup?
A. Online backups
B. Cloud backup solutions
C. Removable hard drives
D. Masking - ANS B
When using an infrastructure as a service (IaaS) solution, which of the following is not an
essential benefit for the customer?
A. Removing the need to maintain a license library
B. Metered service
C. Energy and cooling efficiencies
D. Transfer of ownership cost - ANS A
______________ focuses on security and encryption to prevent unauthorized copying and
limitations on distribution to only those who pay.
A. Information rights management (IRM)
B. Masking
C. Bit splitting
D. Degaussing - ANS A
Which of the following represents the correct set of four cloud deployment models?
A. Public, private, joint and community
B. Public, private, hybrid, and community
C. Public, Internet, hybrid, and community
D. External, private, hybrid, and community - ANS B
A special mathematical code that allows encryption hardware/software to encrypt and then
decipher a message.
A. PKI
B. Key
C. Public-private
D. Masking - ANS B
Which of the following lists the correct six components of the STRIDE threat model?
A. Spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege
B. Spoofing, tampering, refutation, information disclosure, denial of service, and social engineering elasticity
C. Spoofing, tampering, repudiation, information disclosure, distributed denial of service, and elevation of privilege
D. Spoofing, tampering, nonrepudiation, information disclosure, denial of service, and elevation of privilege - ANS A
What is the term that describes the assurance that a specific author actually created and sent a
specific item to a specific recipient, and that the message was successfully received?
A. PKI
B. DLP
C. Nonrepudiation
D. Bit splitting - ANS C
What is the correct term for the process of deliberately destroying the encryption keys used to
encrypt data?
A. Poor key management
B. PKI
C. Obfuscation
D. Crypto-shredding - ANS D
In a federated environment, who is the relying party, and what do they do?
A. The relying party is the service provider, and they consume the tokens generated by the identity provider.
B. The relying party is the service provider, and they consume the tokens generated by the customer.
C. The relying party is the customer, and they consume the tokens generated by the identity provider.
D. The relying party is the identity provider, and they consume the tokens generated by the service provider. - ANS A
What is the process of replacing sensitive data with unique identification symbols/addresses?
A. Randomization
B. Elasticity
C. Obfuscation
D. Tokenization - ANS D
Which of the following data storage types are associated or used with platform as a service
(PaaS)?
A. Databases and big data
B. SaaS application
C. Tabular
D. Raw and block - ANS A
What is the term used for software technology that abstracts application software from the
underlying operating system on which it is executed?
A. Partition
B. Application virtualization
C. Distributed
D. SaaS - ANS B
Which of the following represents the US legislation enacted to protect shareholders and the
public from enterprise accounting errors and fraudulent practices?
A. PCI
B. Gramm-Leach-Bliley Act (GLBA)
C. Sarbanes-Oxley Act (SOX)
D. HIPAA - ANS C
Which of the following is a device that can safely store and manage encryption keys and is used
in servers, data transmission, and log files?
A. Private key
B. Hardware security module (HSM)
C. Public key
D.