← CCSP 2022 · CCSP Beginner

CCSP 2022 Beginner Quiz

Learning Objectives

Understand CCSP domain fundamentals: cloud concepts, architecture, data security, and legal issues.

CCSP 2022 certification badge
Time left --:--:--
Question 1 / 60 · 60 unanswered
Question 1 of 60
According to the CCSP 2022 CBK, which cloud service model grants customers the MOST control over operating systems, middleware, and applications?
1 / 60
Question 2 of 60
According to CCSP 2022 CBK, which NIST cloud characteristic allows cloud infrastructure to quickly scale resources up or down to meet changing demand?
2 / 60
Question 3 of 60
Which CCSP 2022 CBK domain focuses on cloud data security, including data lifecycle management, data discovery, classification, and the controls protecting data throughout its lifecycle?
3 / 60
Question 4 of 60
In CCSP 2022 CBK, which cloud service model allows developers to deploy applications without managing underlying servers, operating systems, or middleware?
4 / 60
Question 5 of 60
Which cloud deployment model provides cloud services exclusively to a single organization, managed either on-premises or by a third-party provider?
5 / 60
Question 6 of 60
Which CCSP 2022 CBK term describes the risk that migrating data to a cloud provider makes it difficult or cost-prohibitive to switch to a different provider?
6 / 60
Question 7 of 60
According to CCSP 2022 CBK, which cloud security risk occurs when customer data remains accessible on cloud storage media after the customer deletes it, due to the provider's data retention practices?
7 / 60
Question 8 of 60
According to CCSP 2022 CBK, which technical vulnerability exists when a cloud provider fails to properly isolate one tenant's data from another in shared databases or storage systems?
8 / 60
Question 9 of 60
In the CCSP 2022 CBK, which shared responsibility principle states that cloud providers are responsible for security OF the cloud while customers are responsible for security IN the cloud?
9 / 60
Question 10 of 60
In CCSP 2022 CBK, which cloud security control protects data stored in cloud databases and file systems from unauthorized access if physical storage media is stolen or improperly decommissioned?
10 / 60
Question 11 of 60
Which CCSP 2022 CBK threat model concept involves an attacker who is an employee of the cloud provider with privileged access to customer environments?
11 / 60
Question 12 of 60
Which CCSP 2022 CBK access control framework grants permissions based on user roles (job functions) rather than individual user identities?
12 / 60
Question 13 of 60
Which CCSP 2022 CBK concept describes the risk that data stored in a cloud provider's infrastructure may be subject to the laws of the provider's operating country?
13 / 60
Question 14 of 60
Which CCSP 2022 CBK concept describes the audit trail that documents who accessed, modified, or moved data throughout its lifecycle in a cloud environment?
14 / 60
Question 15 of 60
In CCSP 2022 CBK, which container security concept involves using a minimal base image with only the software required to run the application, eliminating unnecessary components that could be exploited?
15 / 60
Question 16 of 60
In CCSP 2022 CBK Domain 4, which software security principle verifies that all external inputs to a cloud application are checked for type, format, length, and acceptable values before being processed?
16 / 60
Question 17 of 60
According to CCSP 2022 CBK Domain 1, which cloud characteristic allows customers to provision computing resources automatically without requiring human interaction with each service provider?
17 / 60
Question 18 of 60
According to CCSP 2022 CBK Domain 3, which security architecture pattern separates different cloud workloads into isolated network segments to limit lateral movement in case of compromise?
18 / 60
Question 19 of 60
According to CCSP 2022 CBK, which cloud governance control ensures that cloud resources are deployed only after security requirements have been defined and approved?
19 / 60
Question 20 of 60
According to CCSP 2022 CBK, which deployment model describes an organization using both on-premises private cloud and public cloud services, with orchestration between them?
20 / 60
Question 21 of 60
In CCSP 2022 CBK, which data security concept ensures that data cannot be read by unauthorized parties during transmission between cloud components?
21 / 60
Question 22 of 60
Which CCSP 2022 CBK standard provides a framework for information security management systems (ISMS) that cloud providers and customers commonly use to demonstrate security governance maturity?
22 / 60
Question 23 of 60
Which cloud security technology uses hardware-isolated processor enclaves to protect data in use from the host operating system, hypervisor, and other tenants, even from the cloud provider itself?
23 / 60
Question 24 of 60
According to CCSP 2022 CBK, which cloud service allows multiple organizations in the same industry to share cloud infrastructure and resources while maintaining individual data isolation?
24 / 60
Question 25 of 60
Which CCSP 2022 CBK concept describes the ability to detect unauthorized changes to cloud data or system configurations?
25 / 60
Question 26 of 60
In CCSP 2022 CBK, which concept ensures that cloud resources are used only for authorized purposes and that usage is tracked for billing, compliance, and security purposes?
26 / 60
Question 27 of 60
According to CCSP 2022 CBK, which incident response consideration is UNIQUE to cloud environments compared to on-premises incidents?
27 / 60
Question 28 of 60
Which CCSP 2022 CBK concept describes the process of documenting all third-party cloud services used by an organization, including shadow IT cloud services discovered through network monitoring?
28 / 60
Question 29 of 60
According to CCSP 2022 CBK, which legal agreement between a cloud provider and customer defines performance expectations, uptime guarantees, and remedies for service failures?
29 / 60
Question 30 of 60
According to CCSP 2022 CBK Domain 2, which data lifecycle phase involves permanently destroying data that is no longer needed to prevent unauthorized future access?
30 / 60
Question 31 of 60
Which CCSP 2022 CBK concept describes the independent audit report that provides customers with assurance about a cloud service organization's security, availability, and confidentiality controls?
31 / 60
Question 32 of 60
According to CCSP 2022 CBK Domain 3, which security control monitors network traffic within cloud environments to detect malicious activity and policy violations?
32 / 60
Question 33 of 60
Which CCSP 2022 CBK cloud security concept involves layering multiple independent security controls so that the failure of one does not compromise overall security?
33 / 60
Question 34 of 60
Which CCSP 2022 CBK security control prevents a single cloud administrator from having unilateral access to make changes to critical systems without oversight?
34 / 60
Question 35 of 60
According to CCSP 2022 CBK, which data protection technique replaces sensitive data with a non-sensitive substitute (surrogate value) that can be mapped back to the original through a secure lookup table?
35 / 60
Question 36 of 60
In CCSP 2022 CBK, which concept describes the legal process of preserving cloud-stored data for potential use in litigation, preventing deletion or modification?
36 / 60
Question 37 of 60
In CCSP 2022 CBK, which type of virtualization technology allows multiple virtual machines to share a single physical server's resources while maintaining isolation between guests?
37 / 60
Question 38 of 60
According to CCSP 2022 CBK, which cloud security risk is UNIQUE to multi-tenant environments where one customer's workload affects the performance of adjacent customers?
38 / 60
Question 39 of 60
Which CCSP 2022 CBK cloud network security concept uses software to dynamically create, manage, and reconfigure virtual network components (routers, firewalls, switches) without touching physical hardware?
39 / 60
Question 40 of 60
Which CCSP 2022 CBK security threat exploits weakly configured cloud APIs that allow unauthenticated or insufficiently authorized access to cloud resources?
40 / 60
Question 41 of 60
Which CCSP 2022 CBK control ensures that cloud provider personnel cannot access customer data without authorization and a verifiable business need?
41 / 60
Question 42 of 60
Which CCSP 2022 CBK concept enables cloud users to access cloud services from any device using standard internet protocols and web browsers?
42 / 60
Question 43 of 60
According to CCSP 2022 CBK, which cloud security assessment evaluates whether the customer's cloud deployment aligns with regulatory requirements and industry frameworks such as CSA CCM?
43 / 60
Question 44 of 60
According to CCSP 2022 CBK, which data security control prevents sensitive data from being displayed in full to users who do not have a business need to see it, replacing characters with symbols?
44 / 60
Question 45 of 60
According to CCSP 2022 CBK, which cloud storage type provides a flat namespace where each object has a unique identifier, metadata, and data — ideal for unstructured data at massive scale?
45 / 60
Question 46 of 60
In CCSP 2022 CBK, which type of cloud threat involves an attacker consuming all available cloud resources (compute, storage, API calls) to prevent legitimate users from accessing services?
46 / 60
Question 47 of 60
In CCSP 2022 CBK, which disaster recovery concept describes the maximum period of time a cloud service can be unavailable before causing unacceptable business impact?
47 / 60
Question 48 of 60
Which CCSP 2022 CBK concept ensures cloud users can only access resources from specific geographic locations or device types, enforcing additional authentication for unusual access patterns?
48 / 60
Question 49 of 60
Which CCSP 2022 CBK concept describes the process of verifying that a cloud provider's security controls meet the organization's requirements before signing a contract?
49 / 60
Question 50 of 60
According to CCSP 2022 CBK, which security assessment methodology provides an independent evaluation of a cloud provider's controls by a third-party auditor?
50 / 60
Question 51 of 60
Which CCSP 2022 CBK concept describes the technical and legal challenges that arise when cloud providers sub-contract services to other providers (sub-processors) without the customer's explicit knowledge?
51 / 60
Question 52 of 60
According to CCSP 2022 CBK, which cloud business continuity strategy involves maintaining a fully operational duplicate cloud environment in a second region to enable near-zero RTO failover?
52 / 60
Question 53 of 60
In CCSP 2022 CBK Domain 4, which type of security testing specifically validates that the cloud application correctly enforces access controls and cannot be manipulated to expose data belonging to other tenants?
53 / 60
Question 54 of 60
Which CCSP 2022 CBK data classification level typically requires the STRONGEST access controls and encryption due to the potential for significant organizational harm if disclosed?
54 / 60
Question 55 of 60
According to CCSP 2022 CBK, which identity federation technology allows an organization's on-premises Active Directory identities to authenticate to cloud services without requiring separate cloud accounts?
55 / 60
Question 56 of 60
In CCSP 2022 CBK, which container orchestration security control restricts container processes from running with elevated operating system privileges that could enable container breakout?
56 / 60
Question 57 of 60
Which CCSP 2022 CBK physical security control specifically protects against unauthorized physical access to cloud data center facilities?
57 / 60
Question 58 of 60
According to CCSP 2022 CBK Domain 3, which vulnerability SPECIFICALLY affects cloud hypervisor environments where a VM escapes its isolation boundary and gains access to the host or other VMs?
58 / 60
Question 59 of 60
Which CCSP 2022 CBK cloud security domain covers the legal, contractual, regulatory, and compliance obligations for cloud service providers and customers, including privacy law and e-discovery?
59 / 60
Question 60 of 60
Which CCSP 2022 CBK threat involves an attacker accessing cloud management APIs without proper authentication, potentially gaining control over the customer's entire cloud environment?
60 / 60