ISC2 CCSP Exam Questions - Real Practice Questions for Guaranteed Success

Question 1

Web application firewalls (WAFs) are designed primarily to protect applications from common attacks like:

ARansomware

BSyn floods

CXSS and SQL injection

DPassword cracking

Correct : C

WAFs detect how the application interacts with the environment, so they are optimal for detecting and refuting things like SQL injection and XSS. Password cracking, syn floods, and ransomware usually aren't taking place in the same way as injection and XSS, and they are better addressed with controls at the router and through the use of HIDS, NIDS, and antimalware tools.

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

ARansomware

BSyn floods

CXSS and SQL injection

DPassword cracking

0 / 1500

Question 2

APIs are defined as which of the following?

AA set of protocols, and tools for building software applications to access a web-based software application or tool

BA set of routines, standards, protocols, and tools for building software applications to access a web-based software application or tool

CA set of standards for building software applications to access a web-based software application or tool

DA set of routines and tools for building software applications to access web-based software applications

Correct : B

All the answers are true, but B is the most complete.

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

AA set of protocols, and tools for building software applications to access a web-based software application or tool

BA set of routines, standards, protocols, and tools for building software applications to access a web-based software application or tool

CA set of standards for building software applications to access a web-based software application or tool

DA set of routines and tools for building software applications to access web-based software applications

0 / 1500

Question 3

Which of the following best describes data masking?

AA method for creating similar but inauthentic datasets used for software testing and user training.

BA method used to protect prying eyes from data such as social security numbers and credit card data.

CA method where the last few numbers in a dataset are not obscured. These are often used for authentication.

DData masking involves stripping out all digits in a string of numbers so as to obscure the original number.

Correct : A

All of these answers are actually correct, but A is the best answer, because it is the most general, includes the others, and is therefore the optimum choice. This is a good example of the type of question that can appear on the actual exam.

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

AA method for creating similar but inauthentic datasets used for software testing and user training.

BA method used to protect prying eyes from data such as social security numbers and credit card data.

CA method where the last few numbers in a dataset are not obscured. These are often used for authentication.

DData masking involves stripping out all digits in a string of numbers so as to obscure the original number.

0 / 1500

Question 4

Which of the following best describes a sandbox?

AAn isolated space where untested code and experimentation can safely occur separate from the production environment.

BA space where you can safely execute malicious code to see what it does.

CAn isolated space where transactions are protected from malicious software

DAn isolated space where untested code and experimentation can safely occur within the production environment.

Correct : A

Options C and B are also correct, but A is more general and incorporates them both. D is incorrect, because sandboxing does not take place in the production environment.

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

AAn isolated space where untested code and experimentation can safely occur separate from the production environment.

BA space where you can safely execute malicious code to see what it does.

CAn isolated space where transactions are protected from malicious software

DAn isolated space where untested code and experimentation can safely occur within the production environment.

0 / 1500

Question 5

A localized incident or disaster can be addressed in a cost-effective manner by using which of the following?

AUPS

BGenerators

CJoint operating agreements

DStrict adherence to applicable regulations

Correct : C

Joint operating agreements can provide nearby relocation sites so that a disruption limited to the organization's own facility and campus can be addressed at a different facility and campus. UPS and generators are not limited to serving needs for localized causes. Regulations do not promote cost savings and are not often the immediate concern during BC/DR activities.

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

AUPS

BGenerators

CJoint operating agreements

DStrict adherence to applicable regulations

0 / 1500

Master ISC2 CCSP Exam with Reliable Practice Questions

Options Selected by Other Users:

Options Selected by Other Users:

Options Selected by Other Users:

Options Selected by Other Users:

Options Selected by Other Users: