The purpose of this Sample Question Set is to provide you with information about the ISC2 Cloud Security Professional (CCSP) exam. These sample questions will make you very familiar with both the type and the difficulty level of the questions on the CCSP certification test. To get familiar with real exam environment, we suggest you try our Sample ISC2 CCSP Certification Practice Exam. This sample practice exam gives you the feeling of reality and is a clue to the questions asked in the actual ISC2 Certified Cloud Security Professional (CCSP) certification exam.
These sample questions are simple and basic questions that represent likeness to the real ISC2 Cloud Security Professional exam questions. To assess your readiness and performance with real-time scenario based questions, we suggest you prepare with our Premium ISC2 CCSP Certification Practice Exam. When you solve real time scenario based questions practically, you come across many difficulties that give you an opportunity to improve.
ISC2 CCSP Sample Questions:
01. User access to the cloud environment can be administered in all of the following ways except:
a) Customer directly administers access
b) Customer provides administration on behalf of the provider
c) Provider provides administration on behalf the customer
d) Third party provides administration on behalf of the customer
02. Which kind of SSAE audit report is a cloud customer most likely to receive from a cloud provider?
a) SOC 1 Type 1
b) SOC 2 Type 2
c) SOC 1 Type 2
d) SOC 3
03. All policies within the organization should include a section that includes all of the following, except:
a) Policy maintenance
b) Policy review
c) Policy enforcement
d) Policy adjudication
04. When using an Infrastructure as a Service solution, what is a key benefit provided to the customer?
a) Usage is metered and priced on the basis of units consumed.
b) The ability to scale up infrastructure services based on projected usage.
c) Increased energy and cooling system efficiencies.
d) Cost of ownership is transferred.
05. Identity and access management (IAM) is a security discipline that ensures which of the following?
a) That all users are properly authorized
b) That the right individual gets access to the right resources at the right time for the right reasons
c) That all users are properly authenticated
d) That unauthorized users will get access to the right resources at the right time for the right reasons
06. What are third-party providers of IAM functions for the cloud environment?
07. Which of the following best describes SAML?
a) A standard for developing secure application management logistics
b) A standard for exchanging usernames and passwords across devices
c) A standard for exchanging authentication and authorization data between security domains
d) A standard used for directory synchronization
08. A poorly negotiated cloud service contract could result in all the following detrimental effects except:
a) Vendor lock-in
b) Lack of necessary services
c) Unfavorable terms
09. DLP can be combined with what other security technology to enhance data controls?
10. What is the experimental technology that might lead to the possibility of processing encrypted data without having to decrypt it first?
b) Link encryption
c) Homomorphic encryption
d) One-time pads
Note: For any error in ISC2 Certified Cloud Security Professional (CCSP) certification exam sample questions, please update us by writing an email on firstname.lastname@example.org.