ISC2-CCSP Domain 4: Cloud Application Security

1. In implementing secure coding practices for a cloud-based application, which of the following is MOST critical to prevent injection attacks?
   A. Input validation and sanitization
   B. Encryption of data at rest
   C. Regular patching of the application
   D. Implementation of multi-factor authentication

2. In the context of cloud application security, which of the following encryption mechanisms provides the BEST level of security for data in transit?
   A. SSL/TLS
   B. WPA2
   C. SSH
   D. IPsec

3. When designing a cloud-based application, which of the following is the MOST effective strategy to ensure data confidentiality?
   A. Data obfuscation
   B. Encryption of data at rest and in transit
   C. Implementing network segmentation
   D. Regular vulnerability scanning

4. In assessing the security of cloud-based applications, which of the following is the MOST critical vulnerability to address to prevent unauthorized access to application data?
   A. Insufficient logging and monitoring
   B. Insecure API endpoints
   C. Lack of data encryption
   D. Broken authentication mechanisms

5. Which of the following cloud application security principles is MOST important for protecting against data breaches?
   A. Principle of least privilege
   B. Secure by default
   C. Defense in depth
   D. Continuous integration and continuous deployment (CI/CD)

6. When integrating third-party services into a cloud application, which of the following is the MOST critical factor to evaluate to maintain application security?
   A. The popularity of the third-party service
   B. The compliance certifications held by the third-party service
   C. The service level agreements (SLAs) of the third-party service
   D. The security practices and vulnerabilities of the third-party service

7. In the development of cloud applications, which of the following approaches is MOST effective in identifying and remediating security vulnerabilities early in the development lifecycle?
   A. Penetration testing
   B. Security audits
   C. Code review
   D. Static application security testing (SAST)

8. For cloud-based applications, which of the following security controls is MOST critical for ensuring the integrity of application data?
   A. Digital signatures
   B. Access control lists (ACLs)
   C. Firewall protection
   D. Intrusion detection systems (IDS)

9. When deploying a cloud-based application globally, which of the following considerations is MOST important for compliance with data protection regulations?
   A. Data localization requirements
   B. The choice of cloud service model (IaaS, PaaS, SaaS)
   C. The encryption standards used
   D. The scalability of the cloud infrastructure

10. In managing access to a cloud application, which of the following is the BEST method to ensure secure and controlled access?
   A. Password policies
   B. Role-based access control (RBAC)
   C. Network address translation (NAT)
   D. Biometric authentication

11. Which of the following is the MOST effective strategy for securing API keys used in cloud applications?
   A. Storing API keys in source code
   B. Hard-coding API keys into the application
   C. Using environment variables for API keys
   D. Embedding API keys in HTML comments

12. When securing a cloud application's data storage, which of the following mechanisms provides the BEST protection against both insider threats and external attacks?
   A. Regular data backups
   B. Access control lists (ACLs)
   C. Encryption of data at rest
   D. Intrusion detection systems (IDS)

13. In the development of a cloud application, which of the following strategies is MOST effective in preventing Cross-Site Scripting (XSS) attacks?
   A. Enforcing strong password policies
   B. Implementing Content Security Policy (CSP)
   C. Regularly scanning for unpatched vulnerabilities
   D. Using network firewalls

14. For a cloud application utilizing microservices architecture, which of the following is the MOST important security concern to address?
   A. Service discovery and registry security
   B. The scalability of microservices
   C. The programming languages used in microservices development
   D. Load balancing across microservices

15. When implementing security measures for cloud-based APIs, which of the following is the MOST critical to protect against Man-In-The-Middle (MITM) attacks?
   A. Rate limiting
   B. API key rotation
   C. Transport Layer Security (TLS)
   D. OAuth 2.0

16. In a cloud environment, which of the following is the BEST approach to manage the risk of data leakage through third-party APIs?
   A. Conducting regular third-party security audits
   B. Implementing strict data retention policies
   C. Utilizing API gateways with strong security controls
   D. Enforcing encryption of all data shared with third parties

17. Which of the following measures is MOST effective in securing a cloud application against Distributed Denial of Service (DDoS) attacks?
   A. Web Application Firewall (WAF)
   B. Multi-factor authentication
   C. Geo-restriction of access
   D. Elastic scalability of cloud resources

18. In cloud application security, which of the following is the MOST effective way to ensure secure communication between microservices?
   A. Enabling CORS (Cross-Origin Resource Sharing)
   B. Mutual TLS authentication
   C. IP whitelisting
   D. Application-level API keys

19. For cloud applications, which of the following strategies provides the BEST protection against zero-day vulnerabilities?
   A. Frequent password rotation
   B. Deployment of a WAF with automatic updates
   C. Regularly scheduled penetration testing
   D. Strict access controls

20. When addressing compliance and regulatory requirements in a cloud application, which of the following is the MOST important consideration for data protection?
   A. Adherence to the General Data Protection Regulation (GDPR) or similar regulations
   B. The physical location of cloud data centers
   C. The use of open-source software
   D. The frequency of data backup operations