Free CCSP Exam Braindumps

- (Exam Topic 4)
You need to gain approval to begin moving your company's data and systems into a cloud environment. However, your CEO has mandated the ability to easily remove your IT assets from the cloud provider as a precondition.
Which of the following cloud concepts would this pertain to?

1. A. Removability
2. B. Extraction
3. C. Portability
4. D. Reversibility

Correct Answer: D
Reversibility is the cloud concept involving the ability for a cloud customer to remove all of its data and IT assets from a cloud provider. Also, processes and agreements would be in place with the cloud provider that ensure all removals have been completed fully within the agreed upon timeframe. Portability refers to the ability to easily move between different cloud providers and not be locked into a specific one. Removability and extraction are both provided as terms similar to reversibility, but neither is the official term or concept.

- (Exam Topic 4)
What's a potential problem when object storage versus volume storage is used within IaaS for application use and dependency?

1. A. Object storage is only optimized for small files.
2. B. Object storage is its own system, and data consistency depends on replication.
3. C. Object storage may have availability issues.
4. D. Object storage is dependent on access control from the host server.

Correct Answer: B
Object storage runs on its own independent systems, which have their own redundancy and distribution. To ensure data consistency, sufficient time is needed for objects to fully replicate to all potential locations before being accessed. Object storage is optimized for high availability and will not be any less reliable than any other virtual machine within a cloud environment. It is hosted on a separate system that does not have dependencies in local host servers for access control, and it is optimized for files of all different sizes and uses.

- (Exam Topic 2)
Which of the following technologies is used to monitor network traffic and notify if any potential threats or attacks are noticed?

1. A. IPS
2. B. WAF
3. C. Firewall
4. D. IDS

Correct Answer: D
An intrusion detection system (IDS) is designed to analyze network packets, compare their contents or characteristics against a set of configurations or signatures, and alert personnel if anything is detected that could constitute a threat or is otherwise designated for alerting.

- (Exam Topic 1)
Which United States program was designed to enable organizations to bridge the gap between privacy laws and requirements of the United States and the European Union?

1. A. GLBA
2. B. HIPAA
3. C. Safe Harbor
4. D. SOX

Correct Answer: C
Due to the lack of an adequate privacy law or protection at the federal level in the United States, European privacy regulations generally prohibit the exporting or sharing of PII from Europe with the United States. Participation in the Safe Harbor program is voluntary on behalf of an organization, but it does require them to conform to specific requirements and policies that mirror those from the EU. Thus, organizations can fulfill requirements for data sharing and export and possibly serve customers in the EU.

- (Exam Topic 3)
Which phase of the cloud data lifecycle represents the first instance where security controls can be implemented?

1. A. Use
2. B. Share
3. C. Store
4. D. Create

Correct Answer: C
The store phase occurs immediately after the create phase, and as data is committed to storage structures, the first opportunity for security controls to be implemented is realized. During the create phase, the data is not yet part of a system where security controls can be applied, and although the use and share phases also entail the application of security controls, they are not the first phase where the process occurs.