Valid CCSP Dumps shared by EduDump.com for Helping Passing CCSP Exam! EduDump.com now offer the newest CCSP exam dumps, the EduDump.com CCSP exam questions have been updated and answers have been corrected get the newest EduDump.com CCSP dumps with Test Engine here:
Access CCSP Dumps Premium Version
(827 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 212/290
DNSSEC was designed to add a layer of security to the DNS protocol.
Which type of attack was the DNSSEC extension designed to mitigate?
Which type of attack was the DNSSEC extension designed to mitigate?
Correct Answer: C
DNSSEC is an extension to the regular DNS protocol that utilizes digital signing of DNS query results, which can be verified to come from an authoritative source. This verification mitigates the ability for a rogue DNS server to be used to spoof query results and to direct users to malicious sites. DNSSEC provides for the verification of the integrity of DNS queries. It does not provide any protection from snooping or data exposure. Although it may help lessen account hijacking by preventing users from being directed to rogue sites, it cannot by itself eliminate the possibility.
- Question List (290q)
- Question 1: Which one of the following is not one of the three common th...
- Question 2: What strategy involves hiding data in a data set to prevent ...
- 1 commentQuestion 3: An SLA contains the official requirements for contract perfo...
- Question 4: Which of the following threat types involves leveraging a us...
- Question 5: Which protocol, as a part of TLS, handles the actual secure ...
- Question 6: _________ is the legal concept whereby a cloud customer is h...
- Question 7: What is the term that describes the situation when a malicio...
- Question 8: It's important to maintain a current asset inventory list, i...
- Question 9: Which of the following are contractual components that the C...
- Question 10: Which of the following roles is responsible for peering with...
- Question 11: Which of the following best describes a cloud carrier?...
- Question 12: Which type of audit report is considered a "restricted use" ...
- Question 13: Which of the following security measures done at the network...
- Question 14: Which of the following is a possible negative aspect of bit-...
- Question 15: In application-level encryption, where does the encryption e...
- Question 16: Which of the following represents a minimum guaranteed resou...
- Question 17: Which of the following is considered a physical control?...
- Question 18: When using an Infrastructure as a Service (IaaS) solution, w...
- Question 19: All of the following entitles are required to use FedRAMP-ac...
- Question 20: What is a data custodian responsible for?...
- Question 21: Which cloud service category most commonly uses client-side ...
- Question 22: Typically, SSDs are ____________. Response:...
- Question 23: Which technology is most associated with tunneling? Response...
- Question 24: Which of the following threat types involves the sending of ...
- Question 25: Penetration testing is a(n) __________ form of security asse...
- Question 26: The Open Web Application Security Project (OWASP) Top Ten is...
- Question 27: Data labels could include all the following, except:...
- Question 28: Which of the following is not a component of the of the STRI...
- Question 29: Your organization is considering a move to a cloud environme...
- Question 30: Which cloud storage type uses an opaque value or descriptor ...
- Question 31: Your company maintains an on-premises data center for daily ...
- Question 32: What is the best source for information about securing a phy...
- Question 33: One of the security challenges of operating in the cloud is ...
- Question 34: Which of the following service capabilities gives the cloud ...
- Question 35: Which type of audit report does many cloud providers use to ...
- Question 36: In addition to whatever audit results the provider shares wi...
- Question 37: Which of the following methods for the safe disposal of elec...
- Question 38: When an organization implements an SIEM solution and begins ...
- Question 39: Upon completing a risk analysis, a company has four differen...
- Question 40: What type of solution is at the core of virtually all direct...
- Question 41: What concept does the A represent within the DREAD model?...
- Question 42: With software-defined networking (SDN), which two types of n...
- Question 43: Which of the following is NOT an application or utility to a...
- Question 44: Which of the following characteristics is associated with di...
- Question 45: You are the security subject matter expert (SME) for an orga...
- Question 46: What are the phases of a software development lifecycle proc...
- Question 47: Managed cloud services exist because the service is less exp...
- Question 48: Which of the following best describes SAML?...
- Question 49: There are two reasons to conduct a test of the organization'...
- Question 50: ISO/IEC has established international standards for many asp...
- Question 51: Which protocol allows a system to use block-level storage as...
- Question 52: Every cloud service provider that opts to join the CSA STAR ...
- Question 53: When a data center is configured such that the backs of the ...
- Question 54: All of the following are usually nonfunctional requirements ...
- Question 55: There are two general types of smoke detectors. Which type u...
- Question 56: Which security concept would business continuity and disaste...
- Question 57: Access should be based on ____________. Response:...
- Question 58: Which of the following is considered an administrative contr...
- Question 59: What changes are necessary to application code in order to i...
- Question 60: The goals of SIEM solution implementation include all of the...
- Question 61: Digital rights management (DRM) solutions (sometimes referre...
- Question 62: Tokenization requires two distinct _________________ ....
- Question 63: Static software security testing typically uses __________ a...
- Question 64: You need to gain approval to begin moving your company's dat...
- Question 65: What process is used within a cloud environment to maintain ...
- Question 66: The Cloud Security Alliance (CSA) publishes, the Notorious N...
- Question 67: What is the amount of fuel that should be on hand to power g...
- Question 68: Which of the following roles would be responsible for managi...
- Question 69: Which of the following roles involves overseeing billing, pu...
- Question 70: Why are PaaS environments at a higher likelihood of sufferin...
- Question 71: What are the two protocols that TLS uses?...
- Question 72: Just like the risk management process, the BCDR planning pro...
- Question 73: Jurisdictions have a broad range of privacy requirements per...
- Question 74: The goals of DLP solution implementation include all of the ...
- Question 75: What masking strategy involves the replacing of sensitive da...
- Question 76: Which security concept is focused on the trustworthiness of ...
- Question 77: What type of software is often considered secured and valida...
- Question 78: Which strategy involves using a fake production system to lu...
- Question 79: Which United States law is focused on PII as it relates to t...
- Question 80: Which technology can be useful during the "share" phase of t...
- Question 81: What are the objectives of change management? (Choose all th...
- Question 82: What does the management plane typically utilize to perform ...
- Question 83: Which of the following statements accurately describes VLANs...
- Question 84: Which of the following is an example of useful and sufficien...
- Question 85: You are the security manager for a software development firm...
- Question 86: A localized incident or disaster can be addressed in a cost-...
- Question 87: What is the biggest benefit to leasing space in a data cente...
- Question 88: Which United States law is focused on accounting and financi...
- Question 89: Which format is the most commonly used standard for exchangi...
- Question 90: The Open Web Application Security Project (OWASP) Top Ten is...
- Question 91: With a cloud service category where the cloud customer is pr...
- Question 92: A bare-metal hypervisor is Type ____________....
- Question 93: Which of the following tasks within a SaaS environment would...
- Question 94: Which regulatory system pertains to the protection of health...
- Question 95: All of these are reasons an organization may want to conside...
- Question 96: In which cloud service model is the customer required to mai...
- Question 97: Because PaaS implementations are so often used for software ...
- Question 98: Within a federated identity system, which entity accepts tok...
- Question 99: Which of the following is NOT part of a retention policy?...
- Question 100: Which of the following roles is responsible for obtaining ne...
- Question 101: When data discovery is undertaken, three main approaches or ...
- Question 102: Which of the following would NOT be a reason to activate a B...
- Question 103: What is the experimental technology that might lead to the p...
- Question 104: Which OSI layer does IPsec operate at?...
- Question 105: Which of the following is the concept of segregating informa...
- Question 106: According to the (ISC)2 Cloud Secure Data Life Cycle, which ...
- Question 107: Which of the following is NOT a regulatory system from the U...
- Question 108: Which publication from the United States National Institute ...
- Question 109: With a federated identity system, where would a user perform...
- Question 110: What is one of the benefits of implementing an egress monito...
- Question 111: Data centers have enormous power resources that are distribu...
- Question 112: What is the minimum regularity for testing a BCDR plan to me...
- Question 113: You have been tasked with creating an audit scope statement ...
- Question 114: Impact resulting from risk being realized is often measured ...
- Question 115: The WS-Security standards are built around all of the follow...
- Question 116: Although host-based and network-based IDSs perform similar f...
- Question 117: Which of the following concepts refers to a cloud customer p...
- Question 118: A loosely coupled storage cluster will have performance and ...
- Question 119: Where is an XML firewall most commonly and effectively deplo...
- Question 120: The Cloud Security Alliance's (CSA's) Cloud Controls Matrix ...
- Question 121: Which of the following is a commonly used tool for maintaini...
- Question 122: Gathering business requirements can aid the organization in ...
- Question 123: Cloud environments pose many unique challenges for a data cu...
- Question 124: Vulnerability scans are dependent on ________ in order to fu...
- Question 125: Which of the following terms is NOT a commonly used category...
- Question 126: A comprehensive BCDR plan will encapsulate many or most of t...
- Question 127: Data labels could include all the following, except:...
- Question 128: What is a cloud storage architecture that manages the data i...
- Question 129: What type of device is often leveraged to assist legacy appl...
- Question 130: Which of the following best describes a sandbox?...
- Question 131: Limits for resource utilization can be set at different leve...
- Question 132: Which of the following publishes the most commonly used stan...
- Question 133: Which phase of the cloud data lifecycle also typically entai...
- Question 134: Which of the following is a widely used tool for code develo...
- Question 135: Where is an XML firewall most commonly deployed in the envir...
- Question 136: Which jurisdiction lacks specific and comprehensive privacy ...
- Question 137: In the wake of many scandals with major corporations involvi...
- Question 138: With finite resources available within a cloud, even the lar...
- Question 139: A user signs on to a cloud-based social media platform. In a...
- Question 140: What are the U.S. Commerce Department controls on technology...
- Question 141: What controls the formatting and security settings of a volu...
- Question 142: If a key feature of cloud computing that your organization d...
- Question 143: Who is the entity identified by personal data?...
- Question 144: All of the following methods can be used to attenuate the ha...
- Question 145: When reviewing the BIA after a cloud migration, the organiza...
- Question 146: What is the first stage of the cloud data lifecycle where se...
- Question 147: When a user accesses a system, what process determines the r...
- Question 148: When using transparent encryption of a database, where does ...
- Question 149: Cryptographic keys should be secured ________________ ....
- Question 150: Which of the following roles involves the provisioning and d...
- Question 151: Which of the following report is most aligned with financial...
- Question 152: It is important to include _______ in the design of underflo...
- Question 153: SOX was enacted because of which of the following?...
- Question 154: Which key storage solution would be the BEST choice in a sit...
- Question 155: Devices in the cloud datacenter should be secure against att...
- Question 156: Which of the following is NOT a core component of an SIEM so...
- Question 157: Many activities within a cloud environment are performed via...
- Question 158: Which of the following is NOT a factor that is part of a fir...
- Question 159: The Open Web Application Security Project (OWASP) Top Ten is...
- Question 160: Which United States program was designed to enable organizat...
- Question 161: Which SSAE 16 audit report is simply an attestation of audit...
- Question 162: What is the term we use to describe the general ease and eff...
- Question 163: If bit-splitting is used to store data sets across multiple ...
- Question 164: With the rapid emergence of cloud computing, very few regula...
- Question 165: Which of the following is the sole responsibility of the clo...
- Question 166: Which of the following is a risk associated with manual patc...
- Question 167: What does dynamic application security testing (DAST) NOT en...
- Question 168: Which of the following aids in the ability to demonstrate du...
- Question 169: A denial of service (DoS) attack can potentially impact all ...
- Question 170: Which of the following is NOT a criterion for data within th...
- Question 171: The Cloud Security Alliance (CSA) publishes the Notorious Ni...
- Question 172: What does static application security testing (SAST) offer a...
- Question 173: Tokenization requires two distinct ______________. Response:...
- Question 174: Which protocol does the REST API depend on?...
- Question 175: What is one of the reasons a baseline might be changed?...
- Question 176: Security is a critical yet often overlooked consideration fo...
- Question 177: You are the security policy lead for your organization, whic...
- Question 178: Firewalls are used to provide network security throughout an...
- Question 179: Which of the following threat types involves the sending of ...
- Question 180: Which of the following is NOT a function performed by the re...
- Question 181: Which of the following is a valid risk management metric?...
- Question 182: What type of identity system allows trust and verifications ...
- Question 183: In attempting to provide a layered defense, the security pra...
- Question 184: The cloud deployment model that features joint ownership of ...
- Question 185: Although indirect identifiers cannot alone point to an indiv...
- Question 186: A cloud provider is looking to provide a higher level of ass...
- Question 187: Cryptographic keys for encrypted data stored in the cloud sh...
- Question 188: Which aspect of archiving must be tested regularly for the d...
- Question 189: Which of the following threat types can occur when an applic...
- Question 190: Which of the following is characterized by a set maximum cap...
- Question 191: The SOC Type 2 reports are divided into five principles. Whi...
- Question 192: What is a form of cloud storage where data is stored as obje...
- Question 193: Which of the following should NOT be part of the requirement...
- Question 194: Which of the cloud deployment models offers the easiest init...
- Question 195: Resolving resource contentions in the cloud will most likely...
- Question 196: What concept does the "D" represent with the STRIDE threat m...
- Question 197: Which of the following statements about Type 1 hypervisors i...
- Question 198: What is the main reason virtualization is used in the cloud?...
- Question 199: Which of the following pertains to a macro level approach to...
- Question 200: A honeypot should contain _________ data....
- Question 201: DLP solutions can aid all of the following security-related ...
- Question 202: What concept does the "I" represent with the STRIDE threat m...
- Question 203: Cloud environments are based entirely on virtual machines an...
- Question 204: What is the intellectual property protection for the logo of...
- Question 205: Which of the following roles is responsible for overseeing c...
- Question 206: Your organization has made it a top priority that any cloud ...
- Question 207: Which kind of SSAE audit report is most beneficial for a clo...
- Question 208: BCDR strategies typically do not involve the entire operatio...
- Question 209: Which of the following storage types are used with an Infras...
- Question 210: Which of the following is the optimal humidity level for a d...
- Question 211: Which of the following aspects of the BC/DR process poses a ...
- Question 212: DNSSEC was designed to add a layer of security to the DNS pr...
- Question 213: Which of the following terms is not associated with cloud fo...
- Question 214: When using a PaaS solution, what is the capability provided ...
- Question 215: What could be the result of failure of the cloud provider to...
- Question 216: With software-defined networking, what aspect of networking ...
- Question 217: Which type of threat is often used in conjunction with phish...
- Question 218: Which of the following is a method for apportioning resource...
- Question 219: What are SOC 1/SOC 2/SOC 3?
- Question 220: Which ISO/IEC standards set documents the cloud definitions ...
- Question 221: An audit against the __________ will demonstrate that an org...
- Question 222: Above and beyond general regulations for data privacy and pr...
- Question 223: Federation allows _________ across organizations. Response:...
- Question 224: Which of the following methods of addressing risk is most as...
- Question 225: Which of the following roles involves testing, monitoring, a...
- Question 226: Which cloud service category offers the most customization o...
- Question 227: An audit scope statement defines the limits and outcomes fro...
- Question 228: In order to comply with regulatory requirements, which of th...
- Question 229: Which data state would be most likely to use TLS as a protec...
- Question 230: What is the federal agency that accepts applications for new...
- Question 231: The share phase of the cloud data lifecycle involves allowin...
- Question 232: How many additional DNS queries are needed when DNSSEC integ...
- Question 233: What is the biggest challenge to data discovery in a cloud e...
- Question 234: Which security certification serves as a general framework t...
- Question 235: A data custodian is responsible for which of the following?...
- Question 236: With IaaS, what is responsible for handling the security and...
- Question 237: A honeypot can be used for all the following purposes except...
- Question 238: Which of the following is not a risk management framework?...
- Question 239: Which of the following is NOT a function performed by the ha...
- Question 240: Of the following, which is probably the most significant ris...
- Question 241: Which of the following concepts is NOT one of the core compo...
- Question 242: ____________ can often be the result of inadvertent activity...
- Question 243: Which of the following best describes a cloud carrier?...
- Question 244: Within an IaaS implementation, which of the following would ...
- Question 245: What process is used within a clustered system to provide hi...
- Question 246: Administrative penalties for violating the General Data Prot...
- Question 247: Data labels could include all the following, except:...
- Question 248: Which of the following is essential for getting full securit...
- Question 249: Who will determine data classifications for the cloud custom...
- Question 250: Which of the following service categories entails the least ...
- Question 251: Setting thermostat controls by measuring the temperature wil...
- Question 252: Within a federated identity system, which of the following w...
- Question 253: Although much of the attention given to data security is foc...
- Question 254: You were recently hired as a project manager at a major univ...
- Question 255: Which of the following is NOT a major regulatory framework?...
- Question 256: Which of the following are the storage types associated with...
- Question 257: Which of the following best describes SAML?...
- Question 258: Aside from the fact that the cloud customer probably cannot ...
- Question 259: Which of the following is a file server that provides data a...
- Question 260: When designing a cloud data center, which of the following a...
- Question 261: Which aspect of cloud computing would make the use of a clou...
- Question 262: Which of the following is considered an internal redundancy ...
- Question 263: Configurations and policies for a system can come from a var...
- Question 264: From the perspective of compliance, what is the most importa...
- Question 265: Which of the following data sanitation methods would be the ...
- Question 266: Which of the following best describes the Organizational Nor...
- Question 267: Which of the following is the least challenging with regard ...
- Question 268: TLS provides and ________ for ________ communications....
- Question 269: The BIA can be used to provide information about all the fol...
- Question 270: With a cloud service category where the cloud customer is re...
- Question 271: Which of the following best describes the purpose and scope ...
- Question 272: The cloud customer's trust in the cloud provider can be enha...
- Question 273: Proper implementation of DLP solutions for successful functi...
- Question 274: DAST checks software functionality in ____________....
- Question 275: Which characteristic of automated patching makes it attracti...
- Question 276: Which document will enforce uptime and availability requirem...
- Question 277: The GAPP framework was developed through a joint effort betw...
- Question 278: Fiber-optic lines are considered part of layer __________ of...
- Question 279: BCDR strategies do not typically involve the entire operatio...
- Question 280: Identity and access management (IAM) is a security disciplin...
- Question 281: You are performing an audit of the security controls used in...
- Question 282: What is the risk to the organization posed by dashboards tha...
- Question 283: TLS uses ___________ to authenticate a connection and create...
- Question 284: What is the primary reason that makes resolving jurisdiction...
- Question 285: You are the security manager of a small firm that has just p...
- Question 286: Which of the following does NOT relate to the hiding of sens...
- Question 287: Which of the following frameworks focuses specifically on de...
- Question 288: Countermeasures for protecting cloud operations against exte...
- Question 289: Which type of web application monitoring most closely measur...
- Question 290: Which security concept is based on preventing unauthorized a...
