CCSP認定ガイドPDFは100%カバー率でリアル試験問題が使える [Q472-Q494]

質問472、 Which of the following are attributes of cloud computing?

質問473、 All of the following entitles are required to use FedRAMP-accredited Cloud Service Providers except ___________.
Response:

質問474、 Which of the following roles is responsible for preparing systems for the cloud, administering and monitoring services, and managing inventory and assets?

質問475、 A DLP solution/implementation has three main components.
Which of the following is NOT one of the three main components?

質問476、 With a federated identity system, where would a user perform their authentication when requesting services or application access?

質問477、 You are the security manager for an online retail sales company with 100 employees and a production environment hosted in a PaaS model with a major cloud provider. Your company policies have allowed for a BYOD workforce that work equally from the company offices and their own homes or other locations. The policies also allow users to select which APIs they install and use on their own devices in order to access and manipulate company data.
Of the following, what is a security control you’d like to implement to offset the risk(s) incurred by this practice?

質問478、 Database activity monitoring (DAM) can be:

質問479、 Which of the following cloud aspects complicates eDiscovery?

質問480、 Which of the following are cloud computing roles?

質問481、 The Open Web Application Security Project (OWASP) Top Ten is a list of web application security threats that is composed by a member-driven OWASP committee of application development experts and published approximately every 24 months.
The 2013 OWASP Top Ten list includes “cross- site scripting (XSS).”
Which of the following is not a method for reducing the risk of XSS attacks?

質問482、 Which of the following service capabilities gives the cloud customer the least amount of control over configurations and deployments?

質問483、 The different cloud service models have varying levels of responsibilities for functions and operations depending with the model’s level of service.
In which of the following models would the responsibility for patching lie predominantly with the cloud customer?

質問484、 A variety of security systems can be integrated within a network–some that just monitor for threats and issue alerts, and others that take action based on signatures, behavior, and other types of rules to actively stop potential threats.
Which of the following types of technologies is best described here?

質問485、 Which of the following is considered a physical control?

質問486、 Which type of audit report is considered a “restricted use” report for its intended audience?

質問487、 Why are PaaS environments at a higher likelihood of suffering backdoor
vulnerabilities?

質問488、 Proper implementation of DLP solutions for successful function requires which of the following?

質問489、 What is used for local, physical access to hardware within a data center?

質問490、 Which of the following is essential for getting full security value from your system baseline?
Response:

質問491、 Which of the following actions will NOT make data part of the create phase of the cloud data lifecycle?

質問492、 Different certifications and standards take different approaches to data center design and operations. Although many traditional approaches use a tiered methodology, which of the following utilizes a macro- level approach to data center design?

質問493、 A data custodian is responsible for which of the following?

質問494、 What is the term that describes the situation when a malicious user/attacker can exit the restrictions of a single host and access other nodes on the network?
Response: