2022 CCSP Exam Study Guide
1,300 Questions
Within LDAP, which of the following acts as the primary key for an object?
A. CN
B. AN
C. HN
D. Distinguished Name (DN) ANS - D
Artificial intelligence that incorporates emotional intelligence, social intelligence, and
cognitive learning and responses is known as:
A. Humanized
B. Human-like
C. Analytical
D. Human-inspired ANS - A
A small business was unhappy with its cloud provider's services. For this reason, the
business decided to remove all data and applications from its cloud provider's
environment and move to a new cloud provider. It was able to do so without any
major impact on its production and operations.
What term BEST describes the ability to do this?
A. Multitenancy
B. Rapid elasticity
C. Reversibility
D. On-demand self-service ANS - C
There are four main cloud deployment models: public cloud, private cloud,
community cloud, and which of the following?
A. Mixed cloud
B. Metropolitan cloud
C. Hybrid cloud
D. Expanded cloud ANS - C
Through the Common Criteria standard, what does an EAL2 score tell us about the
organization's security practices and results?
A. It has been structurally tested
B. It has been functionally tested
C. It has been methodically tested and checked
D. It has a formally verified design and has been tested ANS - A
An engineer needs to ensure that data has been completely removed from cloud
servers after a data migration.
,Which data sanitation technique can be used in a cloud environment successfully?
A. Incineration
B. Degaussing
C. Destruction
D. Overwriting ANS - D
"Finite State Model" is one of the 11 sections that are defined in which standard?
A. PCI DSS
B. NIST SP 800-53
C. FIPS 140-2
D. ISO/IEC 27001 ANS - C
A merchant takes credit cards through a point of sale system.
Which compliance standard must the merchant adhere to?
A. ISO/IEC 27017
B. Common criteria
C. FIPS 140-2
D. PCI DSS ANS - D
Which of the following regulatory requirements applies to a retail clothing store that
accepts credit cards?
A. FISMA
B. HIPAA
C. PCI DSS
D. NFPA ANS - C
Interoperability can BEST be described as:
A. The ease with which resources can be rapidly expanded as needed by a cloud
customer.
B. The ability for two customers to share the same pool of resources while being
isolated from each other.
C. The ease with which components of an application or service can be moved or
reused.
D. The ability of customers to make changed to their cloud infrastructure with
minimal input from the cloud provider. ANS - C
Company A and Company B have both purchased cloud services from a cloud
service provider. Company A and Company B are both sharing access to a pool of
resources owned by the cloud service provider.
Which of the following BEST describes Company A and Company B?
A. Audit
,B. Partner
C. Tenant
D. Broker ANS - C
Your organization must be able to rapidly scale resources up or down, as required,
to meet future needs and from a variety of cloud geographical regions.
Which cloud characteristic is required in this scenario?
A. Scalability
B. Resource Pooling
C. Elasticity
D. High Availability ANS - C
Cloud service providers will have clear requirements for items such as uptime,
customer service response time, and availability.
Where would these requirements MOST LIKELY be outlined for the client?
A. RPO
B. RTO
C. SLA
D. NIST ANS - C
In a shared responsibility continuum, who takes a larger security role in an IaaS
model and a smaller role in a SaaS model?
A. Cloud Service Broker (CSB)
B. Cloud Service Provider (CSP)
C. Cloud Service Partner
D. Cloud Service Customer (CSC) ANS - D
After terminating an employee, the former employee went on to leak an
organization's sensitive intellectual property to a competitor.
Which type of threat is being described here?
A. Denial of Service (DoS)
B. Advanced Persistent Threat (APT)
C. Malicious Insider
D. Account Hijacking ANS - C
An engineer just purchased a software suite for his organization. The software is
hosted by a cloud provider and that cloud provider maintains and manages the
application itself, as well the entire infrastructure and platform. The software is
accessed over the Internet and is not installed locally on any employee's machine.
What type of cloud service is being described here?
A. CaaS
, B. SaaS
C. IaaS
D. PaaS ANS - B
What role do Amazon Web Services, Microsoft Azure, and Google Cloud play in
cloud computing?
A. Cloud Service Partner
B. Cloud Service Provider
C. Cloud Service Broker
D. Cloud Service Customer ANS - B
An organization is running VMware Workstation.
What type of hypervisor is this?
A. Software-based
B. IaaS
C. PaaS
D. Bare-metal ANS - A
An organization had a large amount of private data stolen by a hacker and then
leaked online.
This is an example of which type of threat?
A. Advanced persistent threat
B. Malicious insider
C. Data breach
D. Account hijacking ANS - C
Which of the following areas is always entirely the CSP's responsibility, regardless of
the cloud service model used?
A. Virtualization
B. Networking
C. Databases
D. Storage ANS - A
Which of the following organizations publishes security standards applicable to any
systems used by the federal government and its contractors?
A. ISO
B. ISACA
C. SOC
D. NIST ANS - D
Which of the following is an example of data sanitation?
1,300 Questions
Within LDAP, which of the following acts as the primary key for an object?
A. CN
B. AN
C. HN
D. Distinguished Name (DN) ANS - D
Artificial intelligence that incorporates emotional intelligence, social intelligence, and
cognitive learning and responses is known as:
A. Humanized
B. Human-like
C. Analytical
D. Human-inspired ANS - A
A small business was unhappy with its cloud provider's services. For this reason, the
business decided to remove all data and applications from its cloud provider's
environment and move to a new cloud provider. It was able to do so without any
major impact on its production and operations.
What term BEST describes the ability to do this?
A. Multitenancy
B. Rapid elasticity
C. Reversibility
D. On-demand self-service ANS - C
There are four main cloud deployment models: public cloud, private cloud,
community cloud, and which of the following?
A. Mixed cloud
B. Metropolitan cloud
C. Hybrid cloud
D. Expanded cloud ANS - C
Through the Common Criteria standard, what does an EAL2 score tell us about the
organization's security practices and results?
A. It has been structurally tested
B. It has been functionally tested
C. It has been methodically tested and checked
D. It has a formally verified design and has been tested ANS - A
An engineer needs to ensure that data has been completely removed from cloud
servers after a data migration.
,Which data sanitation technique can be used in a cloud environment successfully?
A. Incineration
B. Degaussing
C. Destruction
D. Overwriting ANS - D
"Finite State Model" is one of the 11 sections that are defined in which standard?
A. PCI DSS
B. NIST SP 800-53
C. FIPS 140-2
D. ISO/IEC 27001 ANS - C
A merchant takes credit cards through a point of sale system.
Which compliance standard must the merchant adhere to?
A. ISO/IEC 27017
B. Common criteria
C. FIPS 140-2
D. PCI DSS ANS - D
Which of the following regulatory requirements applies to a retail clothing store that
accepts credit cards?
A. FISMA
B. HIPAA
C. PCI DSS
D. NFPA ANS - C
Interoperability can BEST be described as:
A. The ease with which resources can be rapidly expanded as needed by a cloud
customer.
B. The ability for two customers to share the same pool of resources while being
isolated from each other.
C. The ease with which components of an application or service can be moved or
reused.
D. The ability of customers to make changed to their cloud infrastructure with
minimal input from the cloud provider. ANS - C
Company A and Company B have both purchased cloud services from a cloud
service provider. Company A and Company B are both sharing access to a pool of
resources owned by the cloud service provider.
Which of the following BEST describes Company A and Company B?
A. Audit
,B. Partner
C. Tenant
D. Broker ANS - C
Your organization must be able to rapidly scale resources up or down, as required,
to meet future needs and from a variety of cloud geographical regions.
Which cloud characteristic is required in this scenario?
A. Scalability
B. Resource Pooling
C. Elasticity
D. High Availability ANS - C
Cloud service providers will have clear requirements for items such as uptime,
customer service response time, and availability.
Where would these requirements MOST LIKELY be outlined for the client?
A. RPO
B. RTO
C. SLA
D. NIST ANS - C
In a shared responsibility continuum, who takes a larger security role in an IaaS
model and a smaller role in a SaaS model?
A. Cloud Service Broker (CSB)
B. Cloud Service Provider (CSP)
C. Cloud Service Partner
D. Cloud Service Customer (CSC) ANS - D
After terminating an employee, the former employee went on to leak an
organization's sensitive intellectual property to a competitor.
Which type of threat is being described here?
A. Denial of Service (DoS)
B. Advanced Persistent Threat (APT)
C. Malicious Insider
D. Account Hijacking ANS - C
An engineer just purchased a software suite for his organization. The software is
hosted by a cloud provider and that cloud provider maintains and manages the
application itself, as well the entire infrastructure and platform. The software is
accessed over the Internet and is not installed locally on any employee's machine.
What type of cloud service is being described here?
A. CaaS
, B. SaaS
C. IaaS
D. PaaS ANS - B
What role do Amazon Web Services, Microsoft Azure, and Google Cloud play in
cloud computing?
A. Cloud Service Partner
B. Cloud Service Provider
C. Cloud Service Broker
D. Cloud Service Customer ANS - B
An organization is running VMware Workstation.
What type of hypervisor is this?
A. Software-based
B. IaaS
C. PaaS
D. Bare-metal ANS - A
An organization had a large amount of private data stolen by a hacker and then
leaked online.
This is an example of which type of threat?
A. Advanced persistent threat
B. Malicious insider
C. Data breach
D. Account hijacking ANS - C
Which of the following areas is always entirely the CSP's responsibility, regardless of
the cloud service model used?
A. Virtualization
B. Networking
C. Databases
D. Storage ANS - A
Which of the following organizations publishes security standards applicable to any
systems used by the federal government and its contractors?
A. ISO
B. ISACA
C. SOC
D. NIST ANS - D
Which of the following is an example of data sanitation?
