CCSP Data Security Set
16. Which of the following concepts refers to having logs available from throughout a system or application within a single source? (Consolidation, Correlation, Aggregation, Archiving)
Aggregation
21. Although indirect identifiers cannot alone point to an individual, the more of them known can lead to a specific identity. Which strategy can be used to avoid such a connection being made? (Masking, Anonymization, Obfuscation, Encryption)
Anonymization
24. Your new project and its data have regulations that dictate what type of records must be maintained and for how long. Which term refers to this concept? (Data retention, Data archiving, Data preservation, Data warehousing)
Data retention
23. Which of the following is the sole responsibility of the cloud customer within an IaaS service category? (Physical security, Network security, Hypervisor security, Data security)
Data security
35. Which of the following activities is NOT something typically performed by an SIEM solution? (Deletion, Alerting, Correlation, Aggregation)
Deletion
31. Which cloud service category is object storage associated with? (Software, Infrastructure, Desktop, Platform)
Infrastructure
14. During which phase of the cloud data lifecycle would technologies such as DRM and DLP be most appropriately utilized? (Use, Share, Store, Archive)
Share
46. Which of the following is not a commonly accepted strategy for data discovery? (Labels, Metadata, Signature hashing, Content analysis)
Signature hashing
28. Which of the following is a functionality and tool offered by IRM solutions, but not available with traditional permissions and security settings? (Confidentiality, Expiration, Integrity, Copying)
Expiration
40. Which of the following areas is NOT part of the CCM framework and represented as a domain? (Mobile security, Human resources, Governance, Financial audit)
Financial audit
36. Which of the following would be considered an indirect identifier? (Name, ZIP Code, Educational history, Address)
educational history
5. Which of the following actions do NOT fall under the "create" phase of the cloud data lifecycle? (Newly created data, Data that is imported, Data that is archived, Data that is modified)
Archived
42. During data discovery and classification, the use of metadata is a primary means for analysis. Which of the following would NOT be considered metadata? (Column names, Content, Filenames, Headers)
Content
6. You are working as a forensic investigator and collecting information on a potential system breach by a malicious insider. Which of the following is essential for you in order to ensure evidence is preserved and admissible? (Confidentiality, Privacy, Chain of custody, Aggregation)
Chain of Custody
2. When DLP is used to protect data in use, where would the DLP solution and software be deployed? (On the client, On the application server, Network perimeter, Data layer)
Client
18. Digital right management is an extension of information rights management, but is focused on which particular type of data? (Health records, Academic records, Consumer media, Financial data)
Consumer media
29. When an organization implements an SIEM solution and begins aggregating event data, the configured event sources are only valid at the time it was configured. Application modifications, patching, and other upgrades will change the events generated and how they are represented over time. What process is necessary to ensure events are collected and processed with this in mind? (Continual review, Continuous optimization, Aggregation updates, Event elasticity)
Continuous optimization
11. Which phase of the cloud data lifecycle also typically entails the process of data classification? (Use, Store, Create, Archive)
Create
20. Which of the following technologies or concepts could be used for the preservation of integrity? (DNSSEC, Encryption, Tokenization, Anonymization)
DNSSEC
37. Which of the following is NOT a method for protecting data in transit? (HTTPS, IPSec, DRM, TLS)
DRM
27. Within a PaaS implementation, which of the following is NOT the responsibility of the cloud provider? (Physical environment, Infrastructure, Application framework, Data)
Data
33. Which of the following operations can be controlled and prevented with an IRM solution but would not be possible with traditional authorization mechanisms? (Read, Delete, Modify, Distribution)
Distribution
43. Different types of cloud deployment models use different types of storage from traditional data centers, along with many new types of software platforms for deploying applications and configurations. Which of the following is NOT a storage type used within a cloud environment? (Docker, Object, Structured, Volume)
Docker
13. When using an e-commerce site, you see your credit card information with all but the last four digits replaced with asterisks. What kind of data masking is being employed by the application? (Dynamic, Homomorphic, Static, Replication)
Dynamic
19. Which of the following is a law in the United States that protects healthcare information and privacy? (HIPAA, PII, PHI, ACA)
HIPAA
25. Which type of new and emerging encryption allows for the manipulation and accessing of data without having to unencrypt it first? (Dynamic, Homomorphic, Parallel, Heterogeneous)
Homomorphic
48. You are reviewing the standard offerings from a prospective cloud provider, and one area of log collection promises full and complete access to operating system logs for all provisioned systems. Which cloud service category is this MOST likely referring to? (Platform, Desktop, Software, Infrastructure)
Infrastructure
17. Which key storage solution would be the BEST choice in a situation where availability might be of a particular concern? (Internal, External, Hosted, Embedded)
Internal
12. Your application generates large volumes of data based on customer input. With the large volume of incoming data, you need to be able to determine data discovery and classification as quickly and efficiently as possible. Which of the following methods for data discovery would be your best choice? (Content analysis, Labels, Metadata, Authorization)
Metadata
8. When a DLP solution is used to protect data in transit, where is the optimal place to deploy the DLP components? (On the server originating the traffic, At the network perimeter, Between VLANs, On the server receiving the data)
Network perimeter
26. Which concept refers to the ability to confirm and validate the original source of data or an operation to sufficiently meet the required level of assurance? (Nonrepudiation, Integrity, Authentication, Availability)
Nonrepudiation
22. Which type of cloud-based storage is IRM typically associated with? (Volume, Unstructured, Structured, Object)
Object
3. Which cloud storage type uses an opaque value or descriptor to categorize and organize data? (Volume, Object, Structured, Unstructured)
Object
7. Which storage type is typically used by the cloud provider to house virtual machine images? (Volume, Structured, Unstructured, Object)
Object
1. Which of the following pieces of data about an individual would be considered a direct identifier? (Job title, Educational history, Income, Phone number)
Phone number
4. Although content analysis is the least efficient and slowest of the available data discovery methods, which of the following aspects of the data make discovery the most challenging? (Size, Throughput, Quality, Source)
Quality
30. Applying restrictions on certain activities requires the use of information rights management (IRM). Which of the following would NOT require an IRM solution? (Copy, Rename, Read, Print)
Read
47. Although the preservation and retention of data are the most important concepts that usually come to mind when you're considering archiving, what process is equally important to test regularly for the duration of the required retention period? (Recoverability, Portability, Encryption, Availability)
Recoverability
49. Which of the following will always serve as the starting point for the minimum period of data retention? (Contract, Regulation, System resources, Company policy)
Regulation
44. When data is required to be archived and retained for extended lengths of time, which of the following becomes the most pressing concern over time? (Encryption, Size, Restoration, Availability)
Restoration
32. Which of the following is NOT a common component of a DLP implementation process? (Discovery, Monitoring, Revision, Enforcement)
Revision
9. Which of the following types of solutions is often used for regulatory compliance reporting? (SIEM, DLP, IRM, IDS)
SIEM
41. The final phase of the cloud data lifecycle is the destroy phase, where data is ultimately deleted and done so in a secure manner to ensure it cannot be recovered or reconstructed. Which cloud service category poses the most challenges to data destruction or the cloud customer? (Platform, Software, Infrastructure, Desktop)
SaaS
34. Which of the following concepts is NOT one of the key components of a data-archiving program? (Format, Size, Regulations, Testing)
Size
50. Which type of masking would be appropriate for the creation of data sets for testing purposes, where the same structure and size are of importance? (Dynamic, Structured, Tokenized, Static)
Static
38. You are reviewing literature from a cloud service provider and its main pitch to you involves its offerings for a "fully installed and implemented application hosting and deployment framework." Based on your understanding of cloud features, which storage types are you expecting to see offered with this solution? (Volume and object, Structured and unstructured, Container and object, Volume and structured)
Structured and Unstructured
45. Which of the following data protection methodologies maintains the ability to connect back values to the original values? (Tokenization, Anonymization, Obfuscation, Dynamic mapping)
Tokenization
10. Encryption solutions can be embedded within database operations that will serve to protect data in a manner that is not noticeable to the user. What kind of encryption strategy is this? (Transparent, Passive, RSA, Homomorphic)
Transparent
15. In order to move quickly from your traditional data center to a cloud environment, you want your storage to resemble the same directory structure you currently have. Which cloud storage type will be your best option? (Object, Structured, Volume, Unstructured)
Volume
39. Which of the following methods or strategies is NOT a method for protecting sensitive data from data sets? (Zeroing, Anonymization, Tokenization, Obfuscation)
Zeroing
