Free CCSP Exam Braindumps

Pass your Certified Cloud Security Professional exam with these free Questions and Answers

Page 19 of 103
QUESTION 86

- (Exam Topic 1)
What type of masking strategy involves making a separate and distinct copy of data with masking in place?

  - A. Dynamic
  - B. Replication
  - C. Static
  - D. Duplication

Correct Answer: C
With static masking, a separate and distinct copy of the data set is created with masking in place. This is typically done through a script or other process that takes a standard data set, processes it to mask the appropriate and predefined fields, and then outputs the data set as a new one with the completed masking done.

QUESTION 87

- (Exam Topic 2)
What concept does the "D" represent in the STRIDE threat model?

  - A. Data loss
  - B. Denial of service
  - C. Data breach
  - D. Distributed

Correct Answer: B
Any application can be a possible target of denial-of-service (DoS) attacks. From the application side, the developers should minimize how many operations are performed for non-authenticated users. This will keep the application running as quickly as possible and using the least amount of system resources to help minimize the impact of any such attacks.

QUESTION 88

- (Exam Topic 3)
Many tools and technologies are available for securing or monitoring data in transit within a data center, whether it is a traditional data center or a cloud.
Which of the following is NOT a technology for securing data in transit?

  - A. VPN
  - B. TLS
  - C. DNSSEC
  - D. HTTPS

Correct Answer: C
DNSSEC is an extension of the normal DNS protocol that enables a system to verify the integrity of a DNS query resolution by signing it from the authoritative source and verifying the signing chain. It is not used for securing data transmissions or exchanges. HTTPS is the most common method for securing web service and data calls within a cloud, and TLS is the current standard for encrypting HTTPS traffic. VPNs are widely used for securing data transmissions and service access.

QUESTION 89

- (Exam Topic 4)
APIs are defined as which of the following?

  - A. A set of protocols, and tools for building software applications to access a web-based software application or tool
  - B. A set of routines, standards, protocols, and tools for building software applications to access a web-based software application or tool
  - C. A set of standards for building software applications to access a web-based software application or tool
  - D. A set of routines and tools for building software applications to access web-based software applications

Correct Answer: B
All the answers are true, but B is the most complete.

QUESTION 90

- (Exam Topic 4)
Which data protection strategy would be useful for a situation where the ability to remove sensitive data from a set is needed, but a requirement to retain the ability to map back to the original values is also present?

  - A. Masking
  - B. Tokenization
  - C. Encryption
  - D. Anonymization

Correct Answer: B
Tokenization involves the replacement of sensitive data fields with key or token values, which can ultimately be mapped back to the original, sensitive data values. Masking refers to the overall approach to covering sensitive data, and anonymization is a type of masking, where indirect identifiers are removed from a data set to prevent the mapping back of data to an individual. Encryption refers to the overall process of protecting data via key pairs and protecting confidentiality.
