Join the discussion
Question 58/250
All of the following are terms used to described the practice of obscuring original raw data so that only a portion is displayed for operational purposes, except:
Correct Answer: C
Data discovery is a term used to describe the process of identifying information according to specific traits or categories. The rest are all methods for obscuring data.
Add Comments
- Other Question (250q)
- Q1. Which of the following is a management role, versus a technical role, as it pertains to da...
- Q2. Which component of ITIL involves planning for the restoration of services after an unexpec...
- Q3. Just like the risk management process, the BCDR planning process has a defined sequence of...
- Q4. Countermeasures for protecting cloud operations against internal threats include all of th...
- Q5. The SOC Type 2 reports are divided into five principles. Which of the five principles must...
- Q6. What type of redundancy can we expect to find in a datacenter of any tier? Response:...
- Q7. Along with humidity, temperature is crucial to a data center for optimal operations and pr...
- Q8. What is a key capability or characteristic of PaaS?...
- Q9. Your company maintains an on-premises data center for daily production activities but want...
- Q10. What is the data encapsulation used with the SOAP protocol referred to?...
- Q11. The European Union passed the first major regulation declaring data privacy to be a human ...
- Q12. In the wake of many scandals with major corporations involving fraud and the deception of ...
- Q13. Which phase of the cloud data lifecycle would be the MOST appropriate for the use of DLP t...
- Q14. If bit-splitting is used to store data sets across multiple jurisdictions, how may this en...
- Q15. Which type of testing tends to produce the best and most comprehensive results for discove...
- Q16. Which data state would be most likely to use TLS as a protection mechanism?...
- Q17. Cloud systems are increasingly used for BCDR solutions for organizations. What aspect of c...
- Q18. To protect data on user devices in a BYOD environment, the organization should consider re...
- Q19. Which of the following is characterized by a set maximum capacity? Response:...
- Q20. Which of the following is the best example of a key component of regulated PII?...
- Q21. What sort of legal enforcement may the Payment Card Industry (PCI) Security Standards Coun...
- Q22. Within a federated identity system, which entity accepts tokens from the identity provider...
- Q23. When using a SaaS solution, what is the capability provided to the customer?...
- Q24. Which of the following represents a control on the maximum amount of resources that a sing...
- Q25. Which of the following methods for the safe disposal of electronic records can always be u...
- Q26. Which of the following is NOT something that an HIDS will monitor?...
- Q27. Which data state would be most likely to use digital signatures as a security protection m...
- Q28. All of the following methods can be used to attenuate the harm caused by escalation of pri...
- Q29. Which security concept is based on preventing unauthorized access to data while also ensur...
- Q30. The Open Web Application Security Project (OWASP) Top Ten is a list of web application sec...
- Q31. You are working for a cloud service provider and receive an eDiscovery order pertaining to...
- Q32. Which of the following terms is NOT a commonly used category of risk acceptance?...
- Q33. From a security perspective, what component of a cloud computing infrastructure represents...
- Q34. With an application hosted in a cloud environment, who could be the recipient of an eDisco...
- Q35. If a key feature of cloud computing that your organization desires is the ability to scale...
- Q36. Who is the entity identified by personal data?...
- Q37. With software-defined networking, what aspect of networking is abstracted from the forward...
- Q38. The cloud deployment model that features joint ownership of assets among an affinity group...
- Q39. If a cloud computing customer wishes to guarantee that a minimum level of resources will a...
- Q40. Which of the following is the best example of a key component of regulated PII?...
- Q41. Which of the following storage types is most closely associated with a traditional file sy...
- Q42. A UPS should have enough power to last how long?...
- Q43. What is one of the reasons a baseline might be changed?...
- Q44. Which kind of SSAE audit report is most beneficial for a cloud customer, even though it's ...
- Q45. Which of the following are considered to be the building blocks of cloud computing?...
- Q46. As part of the auditing process, getting a report on the deviations between intended confi...
- Q47. What does the management plane typically utilize to perform administrative functions on th...
- Q48. What strategy involves replacing sensitive data with opaque values, usually with a means o...
- Q49. Which of the following threat types involves the sending of invalid and manipulated reques...
- Q50. Typically, SSDs are ____________. Response:
- Q51. Within an IaaS implementation, which of the following would NOT be a metric used to quanti...
- Q52. During the assessment phase of a risk evaluation, what are the two types of tests that are...
- Q53. You are the security subject matter expert (SME) for an organization considering a transit...
- Q54. Hardening the operating system refers to all of the following except:...
- Q55. Of the following, which is probably the most significant risk in a managed cloud environme...
- Q56. What is the amount of fuel that should be on hand to power generators for backup datacente...
- Q57. When using a PaaS solution, what is the capability provided to the customer?...
- Q58. All of the following are terms used to described the practice of obscuring original raw da...
- Q59. Humidity levels for a data center are a prime concern for maintaining electrical and compu...
- Q60. Which of the following components are part of what a CCSP should review when looking at co...
- Q61. What can tokenization be used for?
- Q62. Which of the following best describes SAML?
- Q63. Where is a DLP solution generally installed when utilized for monitoring data at rest?...
- Q64. The physical layout of a cloud data center campus should include redundancies of all the f...
- Q65. Which of the following best describes a cloud carrier?...
- Q66. Your boss has tasked your team with getting your legacy systems and applications connected...
- Q67. What expectation of data custodians is made much more challenging by a cloud implementatio...
- Q68. Digital investigations have adopted many of the same methodologies and protocols as other ...
- Q69. Which of the following is NOT a function performed by the record protocol of TLS?...
- Q70. Which is the most commonly used standard for information exchange within a federated ident...
- Q71. What must SOAP rely on for security since it does not provide security as a built-in capab...
- Q72. Proper implementation of DLP solutions for successful function requires which of the follo...
- Q73. Which of the following is considered an internal redundancy for a data center?...
- Q74. Limits for resource utilization can be set at different levels within a cloud environment ...
- Q75. Which value refers to the amount of data an organization would need to recover in the even...
- Q76. Which of the following roles involves the connection and integration of existing systems a...
- Q77. There are two general types of smoke detectors. Which type uses a small portion of radioac...
- Q78. Which SSAE 16 report is purposefully designed for public release (for instance, to be post...
- Q79. Which of the following are the storage types associated with PaaS?...
- Q80. Deviations from the baseline should be investigated and __________________....
- Q81. In order to ensure ongoing compliance with regulatory requirements, which phase of the clo...
- Q82. When using an IaaS solution, what is the capability provided to the customer?...
- Q83. Which of the following is a file server that provides data access to multiple, heterogeneo...
- Q84. A honeypot can be used for all the following purposes except ____________. Response:...
- Q85. The BIA can be used to provide information about all the following, except:...
- Q86. What is the term we use to describe the general ease and efficiency of moving data from on...
- Q87. Which ISO/IEC standards set documents the cloud definitions for staffing and official role...
- Q88. Where is an XML firewall most commonly and effectively deployed in the environment?...
- Q89. The tasks performed by the hypervisor in the virtual environment can most be likened to th...
- Q90. Which of the following are cloud computing roles?...
- Q91. A cloud data encryption situation where the cloud customer retains control of the encrypti...
- Q92. Which of the following is not a security concern related to archiving data for long-term s...
- Q93. You are the security manager for an online retail sales company with 100 employees and a p...
- Q94. Which of the following are the storage types associated with IaaS?...
- Q95. The management plane is used to administer a cloud environment and perform administrative ...
- Q96. Which of the following threat types can occur when baselines are not appropriately applied...
- Q97. The Transport Layer Security (TLS) protocol creates a secure communications channel over p...
- Q98. Which ISO standard refers to addressing security risks in a supply chain?...
- Q99. All of the following are activities that should be performed when capturing and maintainin...
- Q100. Which protocol does the REST API depend on?
- Q101. Which cloud storage type requires special consideration on the part of the cloud customer ...
- Q102. When designing a cloud data center, which of the following aspects is not necessary to ens...
- Q103. What concept does the "D" represent with the STRIDE threat model?...
- Q104. A data custodian is responsible for which of the following?...
- Q105. You are the IT director for a small contracting firm. Your company is considering migratin...
- Q106. The BCDR plan/process should be written and documented in such a way that it can be used b...
- Q107. Which of the following is a restriction that can be enforced by information rights managem...
- Q108. Modern web service systems are designed for high availability and resiliency. Which concep...
- Q109. As part of the auditing process, getting a report on the deviations between intended confi...
- Q110. The physical layout of a cloud data center campus should include redundancies of all the f...
- Q111. Which of the following should occur at each stage of the SDLC?...
- Q112. Which of the following would be a reason to undertake a BCDR test?...
- Q113. With a cloud service category where the cloud customer is provided a full application fram...
- Q114. Why might an organization choose to comply with the ISO 27001 standard? Response:...
- Q115. With the rapid emergence of cloud computing, very few regulations were in place that perta...
- Q116. DLP solutions can aid in deterring loss due to which of the following?...
- Q117. Halon is now illegal to use for data center fire suppression. What is the reason it was ou...
- Q118. When an API is being leveraged, it will encapsulate its data for transmission back to the ...
- Q119. Access should be based on ____________. Response:...
- Q120. What does the "SOC" acronym refer to with audit reports?...
- Q121. You are the security manager for a small retail business involved mainly in direct e- comm...
- Q122. What is the concept of segregating information or processes, within the same system or app...
- Q123. Which of the following is NOT a key area for performance monitoring as far as an SLA is co...
- Q124. What is a serious complication an organization faces from the perspective of compliance wi...
- Q125. When an organization is considering the use of cloud services for BCDR planning and soluti...
- Q126. Which type of report is considered for "general" use and does not contain any sensitive in...
- Q127. Using one cloud provider for your operational environment and another for your BCDR backup...
- Q128. What type of storage structure does object storage employ to maintain files?...
- Q129. According to the (ISC)2 Cloud Secure Data Life Cycle, which phase comes soon after (or at ...
- Q130. Jurisdictions have a broad range of privacy requirements pertaining to the handling of per...
- Q131. Jurisdictions have a broad range of privacy requirements pertaining to the handling of per...
- Q132. Which of the following is considered a physical control?...
- Q133. Which of the following is not an enforceable governmental request? Response:...
- Q134. Audits are either done based on the status of a system or application at a specific time o...
- Q135. All policies within the organization should include a section that includes all of the fol...
- Q136. Which of the following might make crypto-shredding difficult or useless? Response:...
- Q137. Which component of ITIL pertains to planning, coordinating, executing, and validating chan...
- Q138. Which of the following is considered a physical control?...
- Q139. IRM solutions allow an organization to place different restrictions on data usage than wou...
- Q140. Which of the following is not a risk management framework?...
- Q141. Who should be the only entity allowed to declare that an organization can return to normal...
- Q142. Apart from using encryption at the file system level, what technology is the most widely u...
- Q143. Configurations and policies for a system can come from a variety of sources and take a var...
- Q144. The Cloud Security Alliance (CSA) Security, Trust, and Assurance Registry (STAR) program h...
- Q145. In a federated identity arrangement using a trusted third-party model, who is the identity...
- Q146. BCDR strategies do not typically involve the entire operations of an organization, but onl...
- Q147. There is a large gap between the privacy laws of the United States and those of the Europe...
- Q148. Which of the following is NOT part of a retention policy?...
- Q149. A cloud data encryption situation where the cloud customer retains control of the encrypti...
- Q150. What concept does the "A" represent in the DREAD model?...
- Q151. Which of the following is NOT a focus or consideration of an internal audit?...
- Q152. Which of the following are not examples of personnel controls?...
- Q153. Which of the following are distinguishing characteristics of a managed service provider?...
- Q154. DLP solutions can aid in deterring loss due to which of the following? Response:...
- Q155. Impact resulting from risk being realized is often measured in terms of ____________....
- Q156. Heating, ventilation, and air conditioning (HVAC) systems cool the data center by pushing ...
- Q157. What is the intellectual property protection for the logo of a new video game? Response:...
- Q158. A federated identity system is composed of three main components. Which of the following i...
- Q159. Database activity monitoring (DAM) can be:
- Q160. Which of the following does NOT fall under the "IT" aspect of quality of service (QoS)?...
- Q161. Which key storage solution would be the BEST choice in a situation where availability migh...
- Q162. You are the security manager of a small firm that has just purchased a DLP solution to imp...
- Q163. One of the main components of system audits is the ability to track changes over time and ...
- Q164. Which of the following best describes SAML?
- Q165. All the following are data analytics modes, except:...
- Q166. Designers making applications for the cloud have to take into consideration risks and oper...
- Q167. Which security concept, if implemented correctly, will protect the data on a system, even ...
- Q168. Which component of ITIL involves handling anything that can impact services for either int...
- Q169. TLS uses ___________ to authenticate a connection and create a shared secret for the durat...
- Q170. Which of the following security measures done at the network layer in a traditional data c...
- Q171. For service provisioning and support, what is the ideal amount of interaction between a cl...
- Q172. Which type of controls are the SOC Type 1 reports specifically focused on?...
- Q173. Which cloud service category would be most ideal for a cloud customer that is developing s...
- Q174. Which process serves to prove the identity and credentials of a user requesting access to ...
- Q175. DLP solutions typically involve all of the following aspects except ___________....
- Q176. If a company needed to guarantee through contract and SLAs that a cloud provider would alw...
- Q177. Which cloud service category offers the most customization options and control to the clou...
- Q178. What concept does the "T" represent in the STRIDE threat model?...
- Q179. Which aspect of cloud computing pertains to cloud customers only paying for the resources ...
- Q180. Which aspect of archiving must be tested regularly for the duration of retention requireme...
- Q181. Which cloud deployment model is MOST likely to offer free or very cheap services to users?...
- Q182. BCDR strategies do not typically involve the entire operations of an organization, but onl...
- Q183. What is a key capability or characteristic of PaaS?...
- Q184. Which of the following terms is NOT a commonly used category of risk acceptance?...
- Q185. Which of the following areas of responsibility would be shared between the cloud customer ...
- Q186. What is the federal agency that accepts applications for new patents?...
- Q187. Which technology can be useful during the "share" phase of the cloud data lifecycle to con...
- Q188. A UPS should have enough power to last how long?...
- Q189. Which of the following is the sole responsibility of the cloud provider, regardless of whi...
- Q190. From a security perspective, automation of configuration aids in ____________. Response:...
- Q191. What concept does the "I" represent with the STRIDE threat model?...
- Q192. Which of the following threat types involves an application developer leaving references t...
- Q193. Which of the following BCDR testing methodologies is least intrusive? Response:...
- Q194. In a Lightweight Directory Access Protocol (LDAP) environment, each entry in a directory s...
- Q195. Which of the following is not a feature of SAST?...
- Q196. Which cloud service category is MOST likely to use a client-side key management system?...
- Q197. A process for __________ can aid in protecting against data disclosure due to lost devices...
- Q198. Which of the following roles involves the provisioning and delivery of cloud services?...
- Q199. Which European Union directive pertains to personal data privacy and an individual's contr...
- Q200. Tokenization requires two distinct _________________ ....
- Q201. Which protocol does the REST API depend on?
- Q202. The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats t...
- Q203. What does the REST API use to protect data transmissions?...
- Q204. Maintenance mode requires all of these actions except:...
- Q205. Which of the following is NOT a core component of an SIEM solution? Response:...
- Q206. What process is used within a clustered system to provide high availability and load balan...
- Q207. Which of the following is NOT something that an HIDS will monitor?...
- Q208. Which United States law is focused on accounting and financial practices of organizations?...
- Q209. The Transport Layer Security (TLS) protocol creates a secure communications channel over p...
- Q210. Which of the following statements accurately describes VLANs?...
- Q211. Most APIs will support a variety of different data formats or structures. However, the SOA...
- Q212. If you're using iSCSI in a cloud environment, what must come from an external protocol or ...
- Q213. You are the security manager for a small surgical center. Your organization is reviewing u...
- Q214. Which of the following roles involves overseeing billing, purchasing, and requesting audit...
- Q215. From a security perspective, what component of a cloud computing infrastructure represents...
- Q216. Which of the following statements about Type 1 hypervisors is true?...
- Q217. Your company is in the planning stages of moving applications that have large data sets to...
- Q218. When dealing with PII, which category pertains to those requirements that can carry legal ...
- Q219. Which of the following is a risk associated with manual patching especially in the cloud?...
- Q220. Deviations from the baseline should be investigated and __________________....
- Q221. Which protocol operates at the network layer and provides for full point-to-point encrypti...
- Q222. The management plane is used to administer a cloud environment and perform administrative ...
- Q223. When using an IaaS solution, what is a key benefit provided to the customer?...
- Q224. What could be the result of failure of the cloud provider to secure the hypervisor in such...
- Q225. With finite resources available within a cloud, even the largest cloud providers will at t...
- Q226. Which of the following is NOT a focus or consideration of an internal audit?...
- Q227. In addition to whatever audit results the provider shares with the customer, what other me...
- Q228. Your IT steering committee has, at a high level, approved your project to begin using clou...
- Q229. What is the primary security mechanism used to protect SOAP and REST APIs?...
- Q230. Which of the cloud cross-cutting aspects relates to the assigning of jobs, tasks, and role...
- Q231. All of the following are terms used to described the practice of obscuring original raw da...
- Q232. Although much of the attention given to data security is focused on keeping data private a...
- Q233. What does nonrepudiation mean? Response:
- Q234. What concept does the "T" represent in the STRIDE threat model?...
- Q235. Which of the following threat types involves the sending of commands or arbitrary data thr...
- Q236. Which of the following is NOT one of the official risk rating categories?...
- Q237. A firewall can use all of the following techniques for controlling traffic except:...
- Q238. What does dynamic application security testing (DAST) NOT entail?...
- Q239. What category of PII data can carry potential fines or even criminal charges for its impro...
- Q240. Your organization has made it a top priority that any cloud environment being considered t...
- Q241. You are the security manager of a small firm that has just purchased a DLP solution to imp...
- Q242. When a system needs to be exposed to the public Internet, what type of secure system would...
- Q243. Which of the following roles involves testing, monitoring, and securing cloud services for...
- Q244. Along with humidity, temperature is crucial to a data center for optimal operations and pr...
- Q245. What are the two protocols that TLS uses?
- Q246. With IaaS, what is responsible for handling the security and control over the volume stora...
- Q247. Which of the following roles involves the provisioning and delivery of cloud services?...
- Q248. From a security perspective, automation of configuration aids in ____________....
- Q249. Which data state would be most likely to use TLS as a protection mechanism?...
- Q250. You work for a government research facility. Your organization often shares data with othe...
