Free CCSP Exam Dumps

Question 51

- (Exam Topic 2)
Which of the following is not a way to manage risk? Response:

A. Enveloping
B. Mitigating
C. Accepting
D. Transferring

Correct Answer:A

Question 52

- (Exam Topic 1)
Which ISO standard refers to addressing security risks in a supply chain?

A. ISO 27001
B. ISO/IEC 28000:2007
C. ISO 18799
D. ISO 31000:2009

Correct Answer:B

Question 53

- (Exam Topic 3)
You work for a government research facility. Your organization often shares data with other government research organizations.
You would like to create a single sign-on experience across the organizations, where users at each organization can sign in with the user ID/authentication issued by that organization, then access research data in all the other organizations.
Instead of replicating the data stores of each organization at every other organization (which is one way of accomplishing this goal), you instead want every user to have access to each organization’s specific storage resources.
In order to pass the user IDs and authenticating credentials of each user among the organizations, what
protocol/language/motif will you most likely utilize? Response:

A. Representational State Transfer (REST)
B. Security Assertion Markup Language (SAML)
C. Simple Object Access Protocol (SOAP)
D. Hypertext Markup Language (HTML)

Correct Answer:B

Question 54

- (Exam Topic 3)
The BCDR plan/process should be written and documented in such a way that it can be used by ______.
Response:

A. Users
B. Essential BCDR team members
C. Regulators
D. Someone with the requisite skills

Correct Answer:D

Question 55

- (Exam Topic 2)
Before deploying a specific brand of virtualization toolset, it is important to configure it according to
______ .
Response:

A. Industry standards
B. Prevailing law of that jurisdiction
C. Vendor guidance
D. Expert opinion

Correct Answer:C