01. Which deployment model BEST meets the business requirements for cloud bursting?
a) Private cloud
b) Community cloud
c) Hybrid cloud
d) Public cloud
02. The second business process your company wishes to migrate to the cloud is the human resources system. They have selected a SaaS cloud service model. When using a SaaS cloud service model, what tool is MOST effective at ensuring the security of a company’s data?
a) Ensuring all company data is encrypted
b) Ensuring your company has the right to audit
c) Defining the geographic restrictions where your company’sdata is authorized to reside
d) Developing a contract that defines the roles and responsibilities of the CSP and the company
03. After researching the various cloud deployment models, your company decides purchasing a dedicated cloud deployment model isn’t cost effective; however, they want to ensure that all companies utilizing the cloud deployment model are a known quantity and adhere to the same PCI-DSS requirements.
Which deployment model BEST meets these requirements?
a) Hybrid
b) Community
c) Private
d) Public
04. Part of your company’s risk management strategy is to ensure risk is properly addressed when moving processes to the cloud. Which of the following answers should NOT be considered during this process?
a) What costs are associated with moving the business process to the cloud?
b) What negative consequences would the business encounter if the process was manipulated by an unauthorizedperson?
c) Would the business be impacted if the information became publicly available?
d) If the process became unavailable, how would that affect the business?
05. The company only wants to pay for the resources they utilize; however, they want to ensure they are able to support high-demand periods, such as holiday times where resource demand increases quickly. Which concept would meet the business requirements?
a) Load balancing
b) HighAvailability
c) Cloud bursting
d) Quad processors
06. In a SaaS service model, the tenant transfers technical control of the computing environment to the cloud service provider. Which of the following responsibilities does the tenant retain?
a) Configuration of the application
b) Backing up the data to a remote location
c) Patching the operating systems
d) Liability and legal responsibility for securing data
07. You work for a startup company that wants to be a SaaS provider. Your company wants to develop and sell the use of an application while minimizing capital expenditure costs. Which service model BEST meets these requirements?
a) SaaS
b) IaaS
c) PaaS
d) On-premises
08. Your company wants to move a business process to the cloud. The business process and associated data is heavily regulated. The company needs to ensure they retain ownership of the governing controls and have assurance the data will reside within a certain geographic location.
Which deployment model BEST meets the business requirements?
a) Private
b) Public
c) Hybrid
d) Community
09. One business process the company decides to move to the cloud is data storage. After reviewing the CSP’s data storage strategy, you identify they utilize shared storage. Which of the following answers provides the BEST solution to ensure your companies data is adequately protected from other tenants?
a) Access control rules based on pre-defined business rules
b) Require company data be stored on separate storage
c) Ensure company data is encrypted
d) Utilize a hybrid cloud strategy—utilizing the CSP’sapplication and storing the data locally
10. Your company utilizes a custom application that services many financial clients. The application is hosted on company servers within their private data center. All company servers run specific configurations and a software firewall.
They want a test environment that offers as much control over the environment as possible, to ensure configuration settings of both environments are alike, but want to minimize the costs and time involved with setting up the environment.
Which service model BEST meets the business requirements?
a) SaaS/Private
b) IaaS/Public
c) PaaS/Hybrid
d) IaaS/Private
e) SaaS/Public
f) PaaS/Public
The purpose of this Sample Question Set is to provide you with information about the ISC2 Cloud Security Professional exam. These sample questions will make you very familiar with both the type and the difficulty level of the questions on the CCSP certification test. To get familiar with real exam environment, we suggest you try our Sample ISC2 CCSP Certification Practice Exam. This sample practice exam gives you the feeling of reality and is a clue to the questions asked in the actual ISC2 Certified Cloud Security Professional (CCSP) certification exam.