CCSp Question

Which crucial aspect of cloud computing can be most threatened by insecure APIs?
Click the card to flip 👆
1 / 21
Terms in this set (21)
Which crucial aspect of cloud computing can be most threatened by insecure APIs?
Automation
What process is used within a clustered system to provide high availability and load balancing?
Dynamic resource scheduling
What type of masking strategy involves replacing data on a system while it passes between the data and application layers?
Dynamic
What does dynamic application security testing (DAST) NOT entail?
Knowledge of systems
Which of the following does NOT fall under the "IT" aspect of quality of service (QoS)?
Key performance indicators (KPIs)
With software-defined networking, what aspect of networking is abstracted from the forwarding of traffic?
Filtering
What strategy involves replacing sensitive data with opaque values, usually with a means of mapping it back to the original value?
Tokenization
What does the REST API use to protect data transmissions?
TLS
What does the "SOC" acronym refer to with audit reports?
Service Organizational Control
Which of the following service capabilities gives the cloud customer the least amount of control over configurations and deployments?
Software
Which of the following can be useful for protecting cloud customers from a denial-of-service (DoS) attack against another customer hosted in the same cloud?ReservationWhich of the following features is a main benefit of PaaS over IaaS?Auto ScalingWhich approach is typically the most efficient method to use for data discovery?Meta DataWhich of the following service capabilities gives the cloud customer the most control over resources and configurations?InfrastructreWhich OSI layer does IPsec operate at?NetworkWhich security concept is focused on the trustworthiness of data?IntegrityWhich security concept is based on preventing unauthorized access to data while also ensuring that it is accessible to those authorized to use it?ConfidentialityWhat changes are necessary to application code in order to implement DNSSEC?No changes are needed.Which of the following is NOT a function performed by the handshake protocol of TLS?EncryptionWhich cross-cutting aspect of cloud computing would be your primary focus as your project plan continues to develop and you begin to evaluate cloud providers?Interoperabilitywhat statistic application security testing (sast) offer as a tool for testersexamine the application's entire codebase