CCSP Exam Dumps | With a federated identity system, where would a user perform their authentication when requesting services

<< Prev Question Next Question >>

Question 109/290

With a federated identity system, where would a user perform their authentication when requesting services or application access?

A. Cloud provider

B. The application

C. Their home organization

D. Third-party authentication system

Question List (290q): Question 1: Which one of the following is not one of the three common th...; Question 2: What strategy involves hiding data in a data set to prevent ...; 1 commentQuestion 3: An SLA contains the official requirements for contract perfo...; Question 4: Which of the following threat types involves leveraging a us...; Question 5: Which protocol, as a part of TLS, handles the actual secure ...; Question 6: _________ is the legal concept whereby a cloud customer is h...; Question 7: What is the term that describes the situation when a malicio...; Question 8: It's important to maintain a current asset inventory list, i...; Question 9: Which of the following are contractual components that the C...; Question 10: Which of the following roles is responsible for peering with...; Question 11: Which of the following best describes a cloud carrier?...; Question 12: Which type of audit report is considered a "restricted use" ...; Question 13: Which of the following security measures done at the network...; Question 14: Which of the following is a possible negative aspect of bit-...; Question 15: In application-level encryption, where does the encryption e...; Question 16: Which of the following represents a minimum guaranteed resou...; Question 17: Which of the following is considered a physical control?...; Question 18: When using an Infrastructure as a Service (IaaS) solution, w...; Question 19: All of the following entitles are required to use FedRAMP-ac...; Question 20: What is a data custodian responsible for?...; Question 21: Which cloud service category most commonly uses client-side ...; Question 22: Typically, SSDs are ____________. Response:...; Question 23: Which technology is most associated with tunneling? Response...; Question 24: Which of the following threat types involves the sending of ...; Question 25: Penetration testing is a(n) __________ form of security asse...; Question 26: The Open Web Application Security Project (OWASP) Top Ten is...; Question 27: Data labels could include all the following, except:...; Question 28: Which of the following is not a component of the of the STRI...; Question 29: Your organization is considering a move to a cloud environme...; Question 30: Which cloud storage type uses an opaque value or descriptor ...; Question 31: Your company maintains an on-premises data center for daily ...; Question 32: What is the best source for information about securing a phy...; Question 33: One of the security challenges of operating in the cloud is ...; Question 34: Which of the following service capabilities gives the cloud ...; Question 35: Which type of audit report does many cloud providers use to ...; Question 36: In addition to whatever audit results the provider shares wi...; Question 37: Which of the following methods for the safe disposal of elec...; Question 38: When an organization implements an SIEM solution and begins ...; Question 39: Upon completing a risk analysis, a company has four differen...; Question 40: What type of solution is at the core of virtually all direct...; Question 41: What concept does the A represent within the DREAD model?...; Question 42: With software-defined networking (SDN), which two types of n...; Question 43: Which of the following is NOT an application or utility to a...; Question 44: Which of the following characteristics is associated with di...; Question 45: You are the security subject matter expert (SME) for an orga...; Question 46: What are the phases of a software development lifecycle proc...; Question 47: Managed cloud services exist because the service is less exp...; Question 48: Which of the following best describes SAML?...; Question 49: There are two reasons to conduct a test of the organization'...; Question 50: ISO/IEC has established international standards for many asp...; Question 51: Which protocol allows a system to use block-level storage as...; Question 52: Every cloud service provider that opts to join the CSA STAR ...; Question 53: When a data center is configured such that the backs of the ...; Question 54: All of the following are usually nonfunctional requirements ...; Question 55: There are two general types of smoke detectors. Which type u...; Question 56: Which security concept would business continuity and disaste...; Question 57: Access should be based on ____________. Response:...; Question 58: Which of the following is considered an administrative contr...; Question 59: What changes are necessary to application code in order to i...; Question 60: The goals of SIEM solution implementation include all of the...; Question 61: Digital rights management (DRM) solutions (sometimes referre...; Question 62: Tokenization requires two distinct _________________ ....; Question 63: Static software security testing typically uses __________ a...; Question 64: You need to gain approval to begin moving your company's dat...; Question 65: What process is used within a cloud environment to maintain ...; Question 66: The Cloud Security Alliance (CSA) publishes, the Notorious N...; Question 67: What is the amount of fuel that should be on hand to power g...; Question 68: Which of the following roles would be responsible for managi...; Question 69: Which of the following roles involves overseeing billing, pu...; Question 70: Why are PaaS environments at a higher likelihood of sufferin...; Question 71: What are the two protocols that TLS uses?...; Question 72: Just like the risk management process, the BCDR planning pro...; Question 73: Jurisdictions have a broad range of privacy requirements per...; Question 74: The goals of DLP solution implementation include all of the ...; Question 75: What masking strategy involves the replacing of sensitive da...; Question 76: Which security concept is focused on the trustworthiness of ...; Question 77: What type of software is often considered secured and valida...; Question 78: Which strategy involves using a fake production system to lu...; Question 79: Which United States law is focused on PII as it relates to t...; Question 80: Which technology can be useful during the "share" phase of t...; Question 81: What are the objectives of change management? (Choose all th...; Question 82: What does the management plane typically utilize to perform ...; Question 83: Which of the following statements accurately describes VLANs...; Question 84: Which of the following is an example of useful and sufficien...; Question 85: You are the security manager for a software development firm...; Question 86: A localized incident or disaster can be addressed in a cost-...; Question 87: What is the biggest benefit to leasing space in a data cente...; Question 88: Which United States law is focused on accounting and financi...; Question 89: Which format is the most commonly used standard for exchangi...; Question 90: The Open Web Application Security Project (OWASP) Top Ten is...; Question 91: With a cloud service category where the cloud customer is pr...; Question 92: A bare-metal hypervisor is Type ____________....; Question 93: Which of the following tasks within a SaaS environment would...; Question 94: Which regulatory system pertains to the protection of health...; Question 95: All of these are reasons an organization may want to conside...; Question 96: In which cloud service model is the customer required to mai...; Question 97: Because PaaS implementations are so often used for software ...; Question 98: Within a federated identity system, which entity accepts tok...; Question 99: Which of the following is NOT part of a retention policy?...; Question 100: Which of the following roles is responsible for obtaining ne...; Question 101: When data discovery is undertaken, three main approaches or ...; Question 102: Which of the following would NOT be a reason to activate a B...; Question 103: What is the experimental technology that might lead to the p...; Question 104: Which OSI layer does IPsec operate at?...; Question 105: Which of the following is the concept of segregating informa...; Question 106: According to the (ISC)2 Cloud Secure Data Life Cycle, which ...; Question 107: Which of the following is NOT a regulatory system from the U...; Question 108: Which publication from the United States National Institute ...; Question 109: With a federated identity system, where would a user perform...; Question 110: What is one of the benefits of implementing an egress monito...; Question 111: Data centers have enormous power resources that are distribu...; Question 112: What is the minimum regularity for testing a BCDR plan to me...; Question 113: You have been tasked with creating an audit scope statement ...; Question 114: Impact resulting from risk being realized is often measured ...; Question 115: The WS-Security standards are built around all of the follow...; Question 116: Although host-based and network-based IDSs perform similar f...; Question 117: Which of the following concepts refers to a cloud customer p...; Question 118: A loosely coupled storage cluster will have performance and ...; Question 119: Where is an XML firewall most commonly and effectively deplo...; Question 120: The Cloud Security Alliance's (CSA's) Cloud Controls Matrix ...; Question 121: Which of the following is a commonly used tool for maintaini...; Question 122: Gathering business requirements can aid the organization in ...; Question 123: Cloud environments pose many unique challenges for a data cu...; Question 124: Vulnerability scans are dependent on ________ in order to fu...; Question 125: Which of the following terms is NOT a commonly used category...; Question 126: A comprehensive BCDR plan will encapsulate many or most of t...; Question 127: Data labels could include all the following, except:...; Question 128: What is a cloud storage architecture that manages the data i...; Question 129: What type of device is often leveraged to assist legacy appl...; Question 130: Which of the following best describes a sandbox?...; Question 131: Limits for resource utilization can be set at different leve...; Question 132: Which of the following publishes the most commonly used stan...; Question 133: Which phase of the cloud data lifecycle also typically entai...; Question 134: Which of the following is a widely used tool for code develo...; Question 135: Where is an XML firewall most commonly deployed in the envir...; Question 136: Which jurisdiction lacks specific and comprehensive privacy ...; Question 137: In the wake of many scandals with major corporations involvi...; Question 138: With finite resources available within a cloud, even the lar...; Question 139: A user signs on to a cloud-based social media platform. In a...; Question 140: What are the U.S. Commerce Department controls on technology...; Question 141: What controls the formatting and security settings of a volu...; Question 142: If a key feature of cloud computing that your organization d...; Question 143: Who is the entity identified by personal data?...; Question 144: All of the following methods can be used to attenuate the ha...; Question 145: When reviewing the BIA after a cloud migration, the organiza...; Question 146: What is the first stage of the cloud data lifecycle where se...; Question 147: When a user accesses a system, what process determines the r...; Question 148: When using transparent encryption of a database, where does ...; Question 149: Cryptographic keys should be secured ________________ ....; Question 150: Which of the following roles involves the provisioning and d...; Question 151: Which of the following report is most aligned with financial...; Question 152: It is important to include _______ in the design of underflo...; Question 153: SOX was enacted because of which of the following?...; Question 154: Which key storage solution would be the BEST choice in a sit...; Question 155: Devices in the cloud datacenter should be secure against att...; Question 156: Which of the following is NOT a core component of an SIEM so...; Question 157: Many activities within a cloud environment are performed via...; Question 158: Which of the following is NOT a factor that is part of a fir...; Question 159: The Open Web Application Security Project (OWASP) Top Ten is...; Question 160: Which United States program was designed to enable organizat...; Question 161: Which SSAE 16 audit report is simply an attestation of audit...; Question 162: What is the term we use to describe the general ease and eff...; Question 163: If bit-splitting is used to store data sets across multiple ...; Question 164: With the rapid emergence of cloud computing, very few regula...; Question 165: Which of the following is the sole responsibility of the clo...; Question 166: Which of the following is a risk associated with manual patc...; Question 167: What does dynamic application security testing (DAST) NOT en...; Question 168: Which of the following aids in the ability to demonstrate du...; Question 169: A denial of service (DoS) attack can potentially impact all ...; Question 170: Which of the following is NOT a criterion for data within th...; Question 171: The Cloud Security Alliance (CSA) publishes the Notorious Ni...; Question 172: What does static application security testing (SAST) offer a...; Question 173: Tokenization requires two distinct ______________. Response:...; Question 174: Which protocol does the REST API depend on?...; Question 175: What is one of the reasons a baseline might be changed?...; Question 176: Security is a critical yet often overlooked consideration fo...; Question 177: You are the security policy lead for your organization, whic...; Question 178: Firewalls are used to provide network security throughout an...; Question 179: Which of the following threat types involves the sending of ...; Question 180: Which of the following is NOT a function performed by the re...; Question 181: Which of the following is a valid risk management metric?...; Question 182: What type of identity system allows trust and verifications ...; Question 183: In attempting to provide a layered defense, the security pra...; Question 184: The cloud deployment model that features joint ownership of ...; Question 185: Although indirect identifiers cannot alone point to an indiv...; Question 186: A cloud provider is looking to provide a higher level of ass...; Question 187: Cryptographic keys for encrypted data stored in the cloud sh...; Question 188: Which aspect of archiving must be tested regularly for the d...; Question 189: Which of the following threat types can occur when an applic...; Question 190: Which of the following is characterized by a set maximum cap...; Question 191: The SOC Type 2 reports are divided into five principles. Whi...; Question 192: What is a form of cloud storage where data is stored as obje...; Question 193: Which of the following should NOT be part of the requirement...; Question 194: Which of the cloud deployment models offers the easiest init...; Question 195: Resolving resource contentions in the cloud will most likely...; Question 196: What concept does the "D" represent with the STRIDE threat m...; Question 197: Which of the following statements about Type 1 hypervisors i...; Question 198: What is the main reason virtualization is used in the cloud?...; Question 199: Which of the following pertains to a macro level approach to...; Question 200: A honeypot should contain _________ data....; Question 201: DLP solutions can aid all of the following security-related ...; Question 202: What concept does the "I" represent with the STRIDE threat m...; Question 203: Cloud environments are based entirely on virtual machines an...; Question 204: What is the intellectual property protection for the logo of...; Question 205: Which of the following roles is responsible for overseeing c...; Question 206: Your organization has made it a top priority that any cloud ...; Question 207: Which kind of SSAE audit report is most beneficial for a clo...; Question 208: BCDR strategies typically do not involve the entire operatio...; Question 209: Which of the following storage types are used with an Infras...; Question 210: Which of the following is the optimal humidity level for a d...; Question 211: Which of the following aspects of the BC/DR process poses a ...; Question 212: DNSSEC was designed to add a layer of security to the DNS pr...; Question 213: Which of the following terms is not associated with cloud fo...; Question 214: When using a PaaS solution, what is the capability provided ...; Question 215: What could be the result of failure of the cloud provider to...; Question 216: With software-defined networking, what aspect of networking ...; Question 217: Which type of threat is often used in conjunction with phish...; Question 218: Which of the following is a method for apportioning resource...; Question 219: What are SOC 1/SOC 2/SOC 3?; Question 220: Which ISO/IEC standards set documents the cloud definitions ...; Question 221: An audit against the __________ will demonstrate that an org...; Question 222: Above and beyond general regulations for data privacy and pr...; Question 223: Federation allows _________ across organizations. Response:...; Question 224: Which of the following methods of addressing risk is most as...; Question 225: Which of the following roles involves testing, monitoring, a...; Question 226: Which cloud service category offers the most customization o...; Question 227: An audit scope statement defines the limits and outcomes fro...; Question 228: In order to comply with regulatory requirements, which of th...; Question 229: Which data state would be most likely to use TLS as a protec...; Question 230: What is the federal agency that accepts applications for new...; Question 231: The share phase of the cloud data lifecycle involves allowin...; Question 232: How many additional DNS queries are needed when DNSSEC integ...; Question 233: What is the biggest challenge to data discovery in a cloud e...; Question 234: Which security certification serves as a general framework t...; Question 235: A data custodian is responsible for which of the following?...; Question 236: With IaaS, what is responsible for handling the security and...; Question 237: A honeypot can be used for all the following purposes except...; Question 238: Which of the following is not a risk management framework?...; Question 239: Which of the following is NOT a function performed by the ha...; Question 240: Of the following, which is probably the most significant ris...; Question 241: Which of the following concepts is NOT one of the core compo...; Question 242: ____________ can often be the result of inadvertent activity...; Question 243: Which of the following best describes a cloud carrier?...; Question 244: Within an IaaS implementation, which of the following would ...; Question 245: What process is used within a clustered system to provide hi...; Question 246: Administrative penalties for violating the General Data Prot...; Question 247: Data labels could include all the following, except:...; Question 248: Which of the following is essential for getting full securit...; Question 249: Who will determine data classifications for the cloud custom...; Question 250: Which of the following service categories entails the least ...; Question 251: Setting thermostat controls by measuring the temperature wil...; Question 252: Within a federated identity system, which of the following w...; Question 253: Although much of the attention given to data security is foc...; Question 254: You were recently hired as a project manager at a major univ...; Question 255: Which of the following is NOT a major regulatory framework?...; Question 256: Which of the following are the storage types associated with...; Question 257: Which of the following best describes SAML?...; Question 258: Aside from the fact that the cloud customer probably cannot ...; Question 259: Which of the following is a file server that provides data a...; Question 260: When designing a cloud data center, which of the following a...; Question 261: Which aspect of cloud computing would make the use of a clou...; Question 262: Which of the following is considered an internal redundancy ...; Question 263: Configurations and policies for a system can come from a var...; Question 264: From the perspective of compliance, what is the most importa...; Question 265: Which of the following data sanitation methods would be the ...; Question 266: Which of the following best describes the Organizational Nor...; Question 267: Which of the following is the least challenging with regard ...; Question 268: TLS provides and ________ for ________ communications....; Question 269: The BIA can be used to provide information about all the fol...; Question 270: With a cloud service category where the cloud customer is re...; Question 271: Which of the following best describes the purpose and scope ...; Question 272: The cloud customer's trust in the cloud provider can be enha...; Question 273: Proper implementation of DLP solutions for successful functi...; Question 274: DAST checks software functionality in ____________....; Question 275: Which characteristic of automated patching makes it attracti...; Question 276: Which document will enforce uptime and availability requirem...; Question 277: The GAPP framework was developed through a joint effort betw...; Question 278: Fiber-optic lines are considered part of layer __________ of...; Question 279: BCDR strategies do not typically involve the entire operatio...; Question 280: Identity and access management (IAM) is a security disciplin...; Question 281: You are performing an audit of the security controls used in...; Question 282: What is the risk to the organization posed by dashboards tha...; Question 283: TLS uses ___________ to authenticate a connection and create...; Question 284: What is the primary reason that makes resolving jurisdiction...; Question 285: You are the security manager of a small firm that has just p...; Question 286: Which of the following does NOT relate to the hiding of sens...; Question 287: Which of the following frameworks focuses specifically on de...; Question 288: Countermeasures for protecting cloud operations against exte...; Question 289: Which type of web application monitoring most closely measur...; Question 290: Which security concept is based on preventing unauthorized a...

Question 109/290

LEAVE A REPLY

Download PDF File