(ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests. Ben Malisow
69 For which use case would it probably be best to use static masking?
A. Creating a test environment for a new application
B. Allowing a customer service representative limited access to account data
C. Providing detailed reports to regulators
D. Notifying shareholders

70 For which use case would it probably be best to use dynamic masking?
A. Creating a test environment for a new application
B. Allowing a customer service representative limited access to account data
C. Sending incident response notifications
D. Implementing business continuity and disaster recovery (BC/DR)

71 What is one possible risk associated with the use of algorithmic masking for obscuring a data set?
A. You could corrupt the production data.
B. The data could be subject to easy inadvertent disclosure.
C. Algorithms are two-way operations.
D. A null set has no test value.

72 ____________ is a direct identifier, and ____________ is an indirect identifier.
A. Username; password
B. User’s name; user’s age
C. User’s IP address; user’s media access control (MAC) address
D. Location; income level

73 Anonymization is the process of removing ____________ from data sets.
A. Access
B. Cryptographic keys
C. Numeric values
D. Identifying information

74 Tokenization is a method of obscuring data that, other than encryption, can be used to comply with ____________ standards.
A. Gramm-Leach-Bliley Act (GLBA)
B. Payment Card Industry (PCI)
C. Child Online Protection Act (COPA)
D. Sarbanes-Oxley Act (SOX)

75 Tokenization requires at least ____ database(s).
A. One
B. Two
C. Three
D. Four

76 Data owners might consider using tokenization for all of the following reasons except _______________.
A. Regulatory or contractual compliance
B. Inference
C. Reduced cost of compliance
D. Mitigating risk from data lost to intrusion

77 Bit-splitting, also known as data dispersion, might be thought of as ____________ in the cloud.
A. RAID
B. BIOS
C. DDoS
D. SYN-ACK

78 Bit-splitting also provides security against data breaches by _______________.
A. Removing all access to unauthorized parties
B. Ensuring that an unauthorized user only gets a useless fragment of data
C. Moving data across jurisdictional boundaries
D. Tracking all incoming access requests

79 If bit-splitting is used to store data sets across multiple jurisdictions, how may this enhance security?
A. By making seizure of data by law enforcement more difficult
B. By hiding it from attackers in a specific jurisdiction
C. By ensuring that users can only accidentally disclose data to one geographic area
D. By restricting privilege user access

80 Which of the following is a possible negative aspect of bit-splitting?
A. Less security
B. Greatest risk of unauthorized access
C. Significantly greater processing overhead
D. Violating regulatory compliance

81 Which of the following is a possible negative aspect of bit-splitting?
A. It may require trust in additional third parties beyond the primary cloud service provider.
B. There may be cause for management concern that the technology will violate internal policy.
C. Users will have far greater difficulty understanding the implementation.
D. Limited vendors make acquisition and support challenging.

82 Which of the following is a possible negative aspect of bit-splitting?
A. Greater chance of physical theft of assets
B. Loss of public image
C. Some risk to availability, depending on the implementation
D. A small fire hazard

83 Which of the following is a theoretical technology that is intended to allow encrypted material to be processed and manipulated without decrypting it first?
A. Inverse postulation
B. Homomorphic encryption
C. Didactic alignment
D. Obverse reinstantiation

84 Which of the following is a data discovery approach used by e-commerce retailers to discern and predict shoppers’ needs?
A. Big data
B. Real-time analytics
C. Agile analytics
D. Agile business intelligence

85 Which of the following is a data discovery approach that offers insight to trends of trends, using both historical and predictive approaches?
A. Obverse polyglotism
B. Big data
C. Real-time analytics
D. Agile analytics/business intelligence

86 Which of the following is not a data discovery technique?
A. Metadata
B. Labels
C. Content analysis
D. Data hover

87 Which of the following data discovery techniques involves using extra information automatically appended/included with the intended data when the data is created?
A. Metadata
B. Labels
C. Content analysis
D. Data hover

88 When labeling is used as a data discovery technique, who should be applying the labels?
A. The security office
B. Users
C. Data owners
D. Regulators

89 When data labels are being used in an environment (for discovery and other purposes), when should the labels be applied?
A. During the risk assessment
B. As part of the business impact analysis (BIA)
C. At collection/creation
D. When the discovery tools are implemented

90 Which of the following tools might be useful in data discovery efforts that are based on content analysis?
A. Egress monitoring solutions
B. Digital rights management (DRM)
C. iSCSI
D. Fibre Channel over Ethernet (FCoE)

91 All of the following might be used as data discovery characteristics in a content-analysis-based data discovery effort except _______________.
A. Keywords
B. Pattern matching
C. Frequency
D. Inheritance

92 What is the risk to the organization posed by dashboards that display data discovery results?
A. Increased chance of external penetration
B. Flawed management decisions based on edited displays
C. Higher likelihood of inadvertent disclosure
D. Raised incidence of physical theft

93 Which of these is most likely to have the greatest negative impact on data discovery effort?
A. Bandwidth latency issues
B. Poor physical security of the data center
C. Severe statutory regulation
D. Inaccurate or incomplete data

94 Cloud customers performing data discovery efforts will have to ensure that the cloud provider attends to all of the following requirements except _______________.
A. Allowing sufficient access to large volumes of data
B. Preserving metadata tags
C. Assigning labels
D. Preserving and maintaining the data

95 Where should the cloud provider’s data discovery requirements be listed?
A. National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53
B. Applicable laws and regulations
C. Payment Card Industry Data Security Standard (PCI DSS)
D. The managed services contract and SLA

96 Who will determine data classifications for the cloud customer?
A. The cloud provider
B. National Institute of Standards and Technology (NIST)
C. Regulators
D. The cloud customer

97 An organization’s data classification scheme must include which of the following categories?
A. File size
B. Origin of the data
C. Sensitivity of the data
D. Whatever the data owner decides

98 Classification is usually considered a facet of data ____________.
A. Security
B. Labeling
C. Control
D. Markup

99 Data classification can be ____________ or ____________.
A. Inverse or obverse
B. Automatic or manual
C. Correct or incorrect
D. Diurnal or nocturnal

100 Data may need to be reclassified for all the following reasons except _______________.
A. Color change
B. Time
C. Repurposing
D. Transfer of ownership

101 Proper __________ need(s) to be assigned to each data classification/category.
A. Dollar values
B. Metadata
C. Security controls
D. Policies

102 Data transformation in a cloud environment should be of great concern to organizations considering cloud migration because ____________ could affect data classification processes and implementations.
A. Multitenancy
B. Virtualization
C. Remote access
D. Physical distance

103 Who is ultimately responsible for a data breach that includes personally identifiable information (PII), in the event of negligence on the part of the cloud provider?
A. The user
B. The subject
C. The cloud provider
D. The cloud customer
104 In a