CCSP Data Security Set


16. Which of the following concepts refers to having logs available from throughout a system or application within a single source? (Consolidation, Correlation, Aggregation, Archiving)

Aggregation

21. Although indirect identifiers cannot alone point to an individual, the more of them known can lead to a specific identity. Which strategy can be used to avoid such a connection being made? (Masking, Anonymization, Obfuscation, Encryption)

Anonymization

24. Your new project and its data have regulations that dictate what type of records must be maintained and for how long. Which term refers to this concept? (Data retention, Data archiving, Data preservation, Data warehousing)

Data retention

23. Which of the following is the sole responsibility of the cloud customer within an IaaS service category? (Physical security, Network security, Hypervisor security, Data security)

Data security

35. Which of the following activities is NOT something typically performed by an SIEM solution? (Deletion, Alerting, Correlation, Aggregation)

Deletion

31. Which cloud service category is object storage associated with? (Software, Infrastructure, Desktop, Platform)

Infrastructure

14. During which phase of the cloud data lifecycle would technologies such as DRM and DLP be most appropriately utilized? (Use, Share, Store, Archive)

Share

46. Which of the following is not a commonly accepted strategy for data discovery? (Labels, Metadata, Signature hashing, Content analysis)

Signature hashing

28. Which of the following is a functionality and tool offered by IRM solutions, but not available with traditional permissions and security settings? (Confidentiality, Expiration, Integrity, Copying)

Expiration

40. Which of the following areas is NOT part of the CCM framework and represented as a domain? (Mobile security, Human resources, Governance, Financial audit)

Financial audit

36. Which of the following would be considered an indirect identifier? (Name, ZIP Code, Educational history, Address)

Educational history

5. Which of the following actions do NOT fall under the "create" phase of the cloud data lifecycle? (Newly created data, Data that is imported, Data that is archived, Data that is modified)

Archived

42. During data discovery and classification, the use of metadata is a primary means for analysis. Which of the following would NOT be considered metadata? (Column names, Content, Filenames, Headers)

Content

6. You are working as a forensic investigator and collecting information on a potential system breach by a malicious insider. Which of the following is essential for you in order to ensure evidence is preserved and admissible? (Confidentiality, Privacy, Chain of custody, Aggregation)

Chain of Custody

2. When DLP is used to protect data in use, where would the DLP solution and software be deployed? (On the client, On the application server, Network perimeter, Data layer)

Client

18. Digital rights management is an extension of information rights management, but is focused on which particular type of data? (Health records, Academic records, Consumer media, Financial data)

Consumer media

29. When an organization implements an SIEM solution and begins aggregating event data, the configured event sources are only valid at the time they were configured. Application modifications, patching, and other upgrades will change the events generated and how they are represented over time. What process is necessary to ensure events are collected and processed with this in mind? (Continual review, Continuous optimization, Aggregation updates, Event elasticity)

Continuous optimization

11. Which phase of the cloud data lifecycle also typically entails the process of data classification? (Use, Store, Create, Archive)

Create

20. Which of the following technologies or concepts could be used for the preservation of integrity? (DNSSEC, Encryption, Tokenization, Anonymization)

DNSSEC

37. Which of the following is NOT a method for protecting data in transit? (HTTPS, IPSec, DRM, TLS)

DRM

27. Within a PaaS implementation, which of the following is NOT the responsibility of the cloud provider? (Physical environment, Infrastructure, Application framework, Data)

Data

33. Which of the following operations can be controlled and prevented with an IRM solution but would not be possible with traditional authorization mechanisms? (Read, Delete, Modify, Distribution)

Distribution

43. Different types of cloud deployment models use different types of storage from traditional data centers, along with many new types of software platforms for deploying applications and configurations. Which of the following is NOT a storage type used within a cloud environment? (Docker, Object, Structured, Volume)

Docker

13. When using an e-commerce site, you see your credit card information with all but the last four digits replaced with asterisks. What kind of data masking is being employed by the application? (Dynamic, Homomorphic, Static, Replication)

Dynamic

19. Which of the following is a law in the United States that protects healthcare information and privacy? (HIPAA, PII, PHI, ACA)

HIPAA

25. Which type of new and emerging encryption allows for the manipulation and accessing of data without having to unencrypt it first? (Dynamic, Homomorphic, Parallel, Heterogeneous)

Homomorphic

48. You are reviewing the standard offerings from a prospective cloud provider, and one area of log collection promises full and complete access to operating system logs for all provisioned systems. Which cloud service category is this MOST likely referring to? (Platform, Desktop, Software, Infrastructure)

Infrastructure

17. Which key storage solution would be the BEST choice in a situation where availability might be of a particular concern? (Internal, External, Hosted, Embedded)

Internal

12. Your application generates large volumes of data based on customer input. With the large volume of incoming data, you need to be able to determine data discovery and classification as quickly and efficiently as possible. Which of the following methods for data discovery would be your best choice? (Content analysis, Labels, Metadata, Authorization)

Metadata

8. When a DLP solution is used to protect data in transit, where is the optimal place to deploy the DLP components? (On the server originating the traffic, At the network perimeter, Between VLANs, On the server receiving the data)

Network perimeter

26. Which concept refers to the ability to confirm and validate the original source of data or an operation to sufficiently meet the required level of assurance? (Nonrepudiation, Integrity, Authentication, Availability)

Nonrepudiation

22. Which type of cloud-based storage is IRM typically associated with? (Volume, Unstructured, Structured, Object)

Object

3. Which cloud storage type uses an opaque value or descriptor to categorize and organize data? (Volume, Object, Structured, Unstructured)

Object

7. Which storage type is typically used by the cloud provider to house virtual machine images? (Volume, Structured, Unstructured, Object)

Object

1. Which of the following pieces of data about an individual would be considered a direct identifier? (Job title, Educational history, Income, Phone number)

Phone number

4. Although content analysis is the least efficient and slowest of the available data discovery methods, which of the following aspects of the data make discovery the most challenging? (Size, Throughput, Quality, Source)

Quality

30. Applying restrictions on certain activities requires the use of information rights management (IRM). Which of the following would NOT require an IRM solution? (Copy, Rename, Read, Print)

Read

47. Although the preservation and retention of data are the most important concepts that usually come to mind when you're considering archiving, what process is equally important to test regularly for the duration of the required retention period? (Recoverability, Portability, Encryption, Availability)

Recoverability

49. Which of the following will always serve as the starting point for the minimum period of data retention? (Contract, Regulation, System resources, Company policy)

Regulation

44. When data is required to be archived and retained for extended lengths of time, which of the following becomes the most pressing concern over time? (Encryption, Size, Restoration, Availability)

Restoration

32. Which of the following is NOT a common component of a DLP implementation process? (Discovery, Monitoring, Revision, Enforcement)

Revision

9. Which of the following types of solutions is often used for regulatory compliance reporting? (SIEM, DLP, IRM, IDS)

SIEM

41. The final phase of the cloud data lifecycle is the destroy phase, where data is ultimately deleted and done so in a secure manner to ensure it cannot be recovered or reconstructed. Which cloud service category poses the most challenges to data destruction for the cloud customer? (Platform, Software, Infrastructure, Desktop)

SaaS

34. Which of the following concepts is NOT one of the key components of a data-archiving program? (Format, Size, Regulations, Testing)

Size

50. Which type of masking would be appropriate for the creation of data sets for testing purposes, where the same structure and size are of importance? (Dynamic, Structured, Tokenized, Static)

Static

38. You are reviewing literature from a cloud service provider and its main pitch to you involves its offerings for a "fully installed and implemented application hosting and deployment framework." Based on your understanding of cloud features, which storage types are you expecting to see offered with this solution? (Volume and object, Structured and unstructured, Container and object, Volume and structured)

Structured and Unstructured

45. Which of the following data protection methodologies maintains the ability to connect back values to the original values? (Tokenization, Anonymization, Obfuscation, Dynamic mapping)

Tokenization

10. Encryption solutions can be embedded within database operations that will serve to protect data in a manner that is not noticeable to the user. What kind of encryption strategy is this? (Transparent, Passive, RSA, Homomorphic)

Transparent

15. In order to move quickly from your traditional data center to a cloud environment, you want your storage to resemble the same directory structure you currently have. Which cloud storage type will be your best option? (Object, Structured, Volume, Unstructured)

Volume

39. Which of the following methods or strategies is NOT a method for protecting sensitive data from data sets? (Zeroing, Anonymization, Tokenization, Obfuscation)

Zeroing

