Practice Exams:

Free CCSP Exam Braindumps

Pass your Certified Cloud Security Professional exam with these free Questions and Answers

Page 8 of 103
PDF with 512 Questions
QUESTION 31

- (Exam Topic 3)
When an API is being leveraged, it will encapsulate its data for transmission back to the requesting party or service.
What is the data encapsulation used with the SOAP protocol referred to as?

  1. A. Packet
  2. B. Payload
  3. C. Object
  4. D. Envelope

Correct Answer: D
Simple Object Access Protocol (SOAP) encapsulates its information in what is known as a SOAP envelope. It then leverages common communications protocols for transmission. Object is a type of cloud storage, but also a commonly used term with certain types of programming languages. Packet and payload are terms that sound similar to envelope but are not correct in this case.

QUESTION 32

- (Exam Topic 2)
Which type of controls are the SOC Type 1 reports specifically focused on?

  1. A. Integrity
  2. B. PII
  3. C. Financial
  4. D. Privacy

Correct Answer: C
SOC Type 1 reports are focused specifically on internal controls as they relate to financial reporting.

QUESTION 33

- (Exam Topic 4)
Countermeasures for protecting cloud operations against internal threats include all of the following except:

  1. A. Mandatory vacation
  2. B. Least privilege
  3. C. Separation of duties
  4. D. Conflict of interest

Correct Answer: D
Conflict of interest is a threat, not a control.

QUESTION 34

- (Exam Topic 3)
Within a SaaS environment, what is the responsibility on the part of the cloud customer in regard to procuring the software used?

  1. A. Maintenance
  2. B. Licensing
  3. C. Development
  4. D. Purchasing

Correct Answer: B
Within a SaaS implementation, the cloud customer licenses the use of the software from the cloud provider
because SaaS delivers a fully functional application to the customer. With SaaS, the cloud provider is responsible for the entire software application and any necessary infrastructure to develop, run, and maintain it. The purchasing, development, and maintenance are fully the responsibility of the cloud provider.

QUESTION 35

- (Exam Topic 4)
What type of solution is at the core of virtually all directory services?

  1. A. WS
  2. B. LDAP
  3. C. ADFS
  4. D. PKI

Correct Answer: B
The Lightweight Directory Access Protocol (LDAP) forms the basis of virtually all directory services, regardless of the specific vendor or software package.WS is a protocol for information exchange between two systems and does not actually store the data. ADFS is a Windows component for enabling single sign-on for the operating system and applications, but it relies on data from an LDAP server. PKI is used for managing and issuing security certificates.

Page 8 of 103
PDF with 512 Questions

Post your Comments and Discuss ISC2 CCSP exam with other Community members: