Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. ISC
  5. CCSP

ISC CCSP Exam
Certified Cloud Security Professional (CCSP) (Page 3 )

Updated On: 7-Feb-2026
Page 3 of 104
PDF with 512 Questions

What is the only data format permitted with the SOAP API?

  1. HTML
  2. SAML
  3. XSML
  4. XML

Answer(s): D

Explanation:

The SOAP protocol only supports the XML data format.



Which data formats are most commonly used with the REST API?

  1. JSON and SAML
  2. XML and SAML
  3. XML and JSON
  4. SAML and HTML

Answer(s): C

Explanation:

JavaScript Object Notation (JSON) and Extensible Markup Language (XML) are the most commonly used data formats for the Representational State Transfer (REST) API, and are typically implemented with caching for increased scalability and performance.



Which of the following threat types involves an application that does not validate authorization for portions of itself after the initial checks?

  1. Injection
  2. Missing function-level access control
  3. Cross-site request forgery
  4. Cross-site scripting

Answer(s): B

Explanation:

It is imperative that an application perform checks when each function or portion of the application is accessed, to ensure that the user is properly authorized to access it. Without continual checks each time a function is accessed, an attacker could forge requests to access portions of the application where authorization has not been granted.



Which of the following roles involves overseeing billing, purchasing, and requesting audit reports for an organization within a cloud environment?

  1. Cloud service user
  2. Cloud service business manager
  3. Cloud service administrator
  4. Cloud service integrator

Answer(s): B

Explanation:

The cloud service business manager is responsible for overseeing business and billing administration, purchasing cloud services, and requesting audit reports when necessary



What is the biggest concern with hosting a key management system outside of the cloud environment?

  1. Confidentiality
  2. Portability
  3. Availability
  4. Integrity

Answer(s): C

Explanation:

When a key management system is outside of the cloud environment hosting the application, availability is a primary concern because any access issues with the encryption keys will render the entire application unusable.



Viewing page 3 of 104
Viewing questions 11 - 15 out of 512 questions



Post your Comments and Discuss ISC CCSP exam prep with other Community members:

Join the CCSP Discussion