ISC2 CCSP Quiz 45 Topic 10 Questions 221-225

Question: 1

When an organization implements an SIEM solution and begins aggregating event data, the configured event sources are only valid at the time it was configured. Application modifications, patching, and other upgrades will change the events generated and how they are represented over time.

What process is necessary to ensure events are collected and processed with this in mind?

AContinual review

BContinuous optimization

CAggregation updates

DEvent elasticity

Show Answer

Question: 2

Which of the following are contractual components that the CSP should review and understand fully when contracting with a cloud service provider?

(Choose two.)

AConcurrently maintainable site infrastructure

BUse of subcontractors

CRedundant site infrastructure capacity components

DScope of processing

Show Answer

Question: 3

TLS uses ___________ to authenticate a connection and create a shared secret for the duration of the session.

ASAML 2.0

BX.509 certificates

C802.11X

DThe Diffie-Hellman process

Show Answer

Question: 4

Why are PaaS environments at a higher likelihood of suffering backdoor vulnerabilities?

AThey rely on virtualization.

BThey are often used for software development.

CThey have multitenancy.

DThey are scalable.

Show Answer

Question: 5

Impact resulting from risk being realized is often measured in terms of ____________.

AAmount of data lost

BMoney

CAmount of property lost

DNumber of people affected

Show Answer

ISC2 CCSP Quiz:45 Topic:10 Questions:221-225