CCSP Practice Test

Every cloud service provider that opts to join the CSA STAR program registry must
complete a ___________.

A.

SOC 2, Type 2 audit report

B.

Consensus Assessment Initiative Questionnaire (CAIQ)

C.

NIST 800-37 RMF audit

D.

ISO 27001 ISMS review

Which of the following best describes SAML?
Response:

A.

A standard for developing secure application management logistics

B.

A standard for exchanging authentication and authorization data between security
domains

C.

A standard for exchanging usernames and passwords across devices

D.

A standard used for directory synchronization

All of the following are terms used to described the practice of obscuring original raw data
so that only a portion is displayed for operational purposes, except:
Response:

A.

Tokenization

B.

Data discovery

C.

Obfuscation

Who should be the only entity allowed to declare that an organization can return to normal
following contingency or BCDR operations?
Response:

A.

Regulators

B.

Law enforcement

C.

The incident manager

D.

Senior management

You work for a government research facility. Your organization often shares data
with other government research organizations.
You would like to create a single sign-on experience across the organizations, where
users at each organization can sign in with the user ID/authentication issued by that
organization, then access research data in all the other organizations.
Instead of replicating the data stores of each organization at every other
organization (which is one way of accomplishing this goal), you instead want every
user to have access to each organization’s specific storage resources.
If you don’t use cross-certification, what other model can you implement for this
purpose?
Response:

A.

Third-party identity broker

B.

Cloud reseller

C.

Intractable nuanced variance

D.

Mandatory access control (MAC)