ISC2 CCSP Quiz 27 Topic 1 Questions 131-135

Question: 1

Which of the following is a risk in the cloud environment that is not existing or is as prevalent in the legacy environment?

Response:

ALegal liability in multiple jurisdictions

BLoss of productivity due to DDoS

CAbility of users to gain access to their physical workplace

DFire

Show Answer

Question: 2

You are the security manager for a software development firm. Your company is interested in using a managed cloud service provider for hosting its testing environment. Management is interested in adopting an Agile development style.

This will be typified by which of the following traits?

Response:

AReliance on a concrete plan formulated during the Define phase

BRigorous, repeated security testing

CIsolated programming experts for specific functional elements

DShort, iterative work periods

Show Answer

Question: 3

The Open Web Application Security Project (OWASP) Top Ten is a list of web application security threats that is composed by a member-driven OWASP committee of application development experts and published approximately every 24 months. The 2013 OWASP Top Ten list includes ''sensitive data exposure.''

Which of these is a technique to reduce the potential for a sensitive data exposure?

Response:

AExtensive user training on proper data handling techniques

BAdvanced firewalls inspecting all inbound traffic, to include content-based screening

CEnsuring the use of utility backup power supplies

DRoving security guards

Show Answer

Question: 4

Data labels could include all the following, except:

Response:

AConfidentiality level

BDistribution limitations

CAccess restrictions

DMultifactor authentication

Show Answer

Question: 5

Which of the following is not an enforceable governmental request?

Response:

AWarrant

BSubpoena

CCourt order

DAffidavit

Show Answer

ISC2 CCSP Quiz:27 Topic:1 Questions:131-135