
CCSP 2022 Intermediate Quiz

Learning Objectives

Apply cloud security controls: IAM, infrastructure, application security, and risk management.

Question 1 of 60
In the CCSP 2022 CBK, which term describes the right of an individual to inspect and correct personal data held about them?
Question 2 of 60
In the CCSP 2022 CBK, which standard provides a framework specifically for information security management systems (ISMS)?
Question 3 of 60
Under the CCSP 2022 CBK, which document formally authorizes a project or system to operate based on accepted residual risk?
Question 4 of 60
The CCSP 2022 CBK defines 'data in transit' protections as PRIMARILY achieved through:
Question 5 of 60
The CCSP 2022 CBK defines 'data remanence' as:
Question 6 of 60
The CCSP 2022 CBK describes 'multitenancy' as a cloud characteristic that introduces which UNIQUE risk?
Question 7 of 60
The CCSP 2022 CBK identifies 'elasticity' as a cloud benefit that specifically helps organizations:
Question 8 of 60
In the CCSP 2022 CBK, which identity federation protocol is commonly used to exchange authentication and authorization data between an identity provider and a cloud service provider?
Question 9 of 60
According to the CCSP 2022 CBK, which cloud deployment model gives a single organization exclusive use of infrastructure managed by a third-party provider off-premises?
Question 10 of 60
Under the CCSP 2022 CBK, which control type BEST describes a firewall rule that blocks unauthorized access attempts?
Question 11 of 60
In the CCSP 2022 CBK, which approach to cryptographic key management is considered MOST secure for cloud workloads?
Question 12 of 60
The CCSP 2022 CBK classifies 'availability' as a security property BEST maintained through:
Question 13 of 60
In the CCSP 2022 CBK, 'egress monitoring' primarily refers to:
Question 14 of 60
The CCSP 2022 CBK identifies which of the following as the PRIMARY benefit of using a CASB?
Question 15 of 60
The CCSP 2022 CBK describes the 'shared responsibility model' as requiring cloud customers to ALWAYS be responsible for:
Question 16 of 60
According to the CCSP 2022 CBK, which cloud security control directly addresses the risk of an insider threat exfiltrating sensitive data via a personal cloud storage account?
Question 17 of 60
The CCSP 2022 CBK identifies which of the following as the PRIMARY goal of a Business Impact Analysis (BIA)?
Question 18 of 60
According to the CCSP 2022 CBK, which cloud storage type is MOST appropriate for structured relational data accessed frequently by applications?
Question 19 of 60
According to the CCSP 2022 CBK, which threat modeling approach systematically identifies threats by category — Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege?
Question 20 of 60
The CCSP 2022 CBK defines the 'CSA Cloud Controls Matrix (CCM)' as:
Question 21 of 60
Which CCSP 2022 CBK concept describes dividing a network into smaller segments to limit the blast radius of a breach?
Question 22 of 60
The CCSP 2022 CBK defines 'data sovereignty' as the principle that:
Question 23 of 60
The CCSP 2022 CBK notes that 'right to be forgotten' or erasure requests in cloud environments are complicated PRIMARILY because:
Question 24 of 60
In the CCSP 2022 CBK, which disaster recovery strategy provides the FASTEST recovery time by maintaining a fully operational duplicate environment?
Question 25 of 60
Under the CCSP 2022 CBK, which party is MOST responsible for defining the data classification policy in a cloud environment?
Question 26 of 60
In the CCSP 2022 CBK, which incident response phase involves re-enabling affected systems and verifying normal operations?
Question 27 of 60
Under the CCSP 2022 CBK, which type of testing involves providing a tester with full knowledge of the system's architecture and source code?
Question 28 of 60
The CCSP 2022 CBK defines 'attribute-based access control' (ABAC) as an access model that grants permissions based on:
Question 29 of 60
The CCSP 2022 CBK describes 'capability maturity models' primarily as tools for:
Question 30 of 60
Which CCSP 2022 CBK concept ensures that cryptographic keys are never directly accessible to cloud service providers?
Question 31 of 60
The CCSP 2022 CBK identifies which of the following as a PRIMARY advantage of containerization over traditional virtual machines?
Question 32 of 60
According to the CCSP 2022 CBK, 'penetration testing' in cloud environments requires FIRST:
Question 33 of 60
Which CCSP 2022 CBK cloud characteristic allows resources to be automatically adjusted based on demand without manual intervention?
Question 34 of 60
The CCSP 2022 CBK defines 'vendor lock-in' as a risk arising from:
Question 35 of 60
In the CCSP 2022 CBK, 'logical separation' between tenant data in a multitenant cloud is PRIMARILY enforced through:
Question 36 of 60
The CCSP 2022 CBK notes that 'serverless computing' shifts security responsibility for runtime environments to:
Question 37 of 60
According to the CCSP 2022 CBK, 'key escrow' is BEST described as:
Question 38 of 60
According to the CCSP 2022 CBK, 'separation of duties' in cloud IAM primarily prevents:
Question 39 of 60
The CCSP 2022 CBK defines 'recovery time objective' (RTO) as:
Question 40 of 60
In the CCSP 2022 CBK, which standard specifically addresses payment card data security in cloud environments?
Question 41 of 60
In the CCSP 2022 CBK, which audit standard is specifically designed for cloud service providers to demonstrate security and availability controls?
Question 42 of 60
In the CCSP 2022 CBK, which risk treatment option involves accepting the risk without additional mitigation because its cost exceeds the potential impact?
Question 43 of 60
According to the CCSP 2022 CBK, which governance framework is MOST commonly used to align IT management with business objectives in cloud environments?
Question 44 of 60
The CCSP 2022 CBK defines 'data masking' as a technique that:
Question 45 of 60
The CCSP 2022 CBK defines the 'chain of custody' concept in forensics as:
Question 46 of 60
The CCSP 2022 CBK identifies which data state as occurring when data is actively processed by a CPU?
Question 47 of 60
The CCSP 2022 CBK identifies 'supply chain risk' in cloud environments as arising PRIMARILY from:
Question 48 of 60
According to the CCSP 2022 CBK, which threat category does a denial-of-service attack PRIMARILY target?
Question 49 of 60
Which CCSP 2022 CBK term describes a legally binding agreement specifying security and privacy obligations when a CSP processes personal data on behalf of a data controller?
Question 50 of 60
According to the CCSP 2022 CBK, which privacy principle requires that personal data collected be limited to what is necessary for the stated purpose?
Question 51 of 60
In the CCSP 2022 CBK, which encryption mode is MOST appropriate for ensuring the confidentiality of block storage volumes?
Question 52 of 60
The CCSP 2022 CBK identifies 'DevSecOps' as a practice that integrates security into:
Question 53 of 60
According to the CCSP 2022 CBK, which technique allows multiple organizations to share cryptographic verification without any single party controlling the ledger?
Question 54 of 60
The CCSP 2022 CBK describes 'infrastructure as code' (IaC) security risks as including:
Question 55 of 60
The CCSP 2022 CBK notes that 'application-layer firewalls' differ from traditional packet-filtering firewalls because they:
Question 56 of 60
In the CCSP 2022 CBK, which mechanism provides tamper-evident logging to support forensic investigations?
Question 57 of 60
The CCSP 2022 CBK identifies 'shadow IT' as a risk because:
Question 58 of 60
In the CCSP 2022 CBK, which concept describes a federated identity arrangement where a user authenticates once and is granted access across multiple cloud services?
Question 59 of 60
According to the CCSP 2022 CBK, a 'gap analysis' in cloud compliance is PRIMARILY used to:
Question 60 of 60
The CCSP 2022 CBK describes 'quantum-resistant cryptography' as necessary because: