Wonderful questions with explanation sir. Really useful for checking our understanding on the CCSP concepts sir. Thanks for sharing the questions and explaining the answers!!🙏
Question 11 - i would prefer select D ; becox the question has vulnerablity to cyber attacks as key word - your option B will not check the vulnerablities but when you do a Penetest you could identify the vulnerablities in the Virtual environment
I think u r missing the fact here that the main vul. Is segregating csp env. From csc'c... furthermore pentesting is not preferred in general specially in cloud due to the downtime as cloud should be HA due to SLA's with customers and potential legal issues... the question is focussed on the virtualization management network which is the backbone of any CSP and not segregating it would might cause the csp to wind up the business even if a small vulneriblity is introduced thru any of 1000's of customers csp have... remember the main concept of security for csp would be to separate the management plane to make sure underlying infra is secure .... ultimately when u do the segregation, in turn u have reduced the attack surface completely....hope this might help in understanding... my reply is just to help not to criticise ... always ready to have ur counter argument to rectify my understanding if u have any argument ....
Brilliant content as always! Thanks Prabh, you helped me pass CISA, CISSP and now hopefully CCSP… 6 days away and I plan to hear “Next Coffee Shot” a lot this week. Keep it up legend!
Good day @Prabh, On question number 14, I note the Security manger is evaluating potential CSPs, which I assume would imply the security manager is yet to subscribe to the services of these cloud providers, in this situation shouldn't the answer be D. High Availability Audit report? Since the cloud customer would not have any contract with the CSP yet, hence, no SLA has been agreed upon. Please let me know your thoughts on this . Cheers!!!!
I don't agree with the last question. The correct answer should be the overhead and performance of processing encrypted data, NOT copying some encrypted data from one place to another. You are still using the same type of DB and application, there is no reason to have issues in understanding the replicated data- just because you are adding encryption. You will face the same issues as working with the primary set of data, and those issues are performance related issues because of the additional processing overhead.
There is a question in the ISC2 Official Practice Tests specifically on this "Encryption consumes processing power and time; as with all security controls, additional security means measurably less operational capability-there is always a trade-off between security and productivity."
This is great work so thank you. However, almost all options are too common sense, so easy to guess the right answer. This is because the options provide too many details, I suggest to shorten the answers and make them more difficult.
Question 15: also you are more focusing on Data center setup - the question is the client expanding in Cloud infra ; so the answer should be proper SLA with CSP with 99.999 % SLA and with multi AZ and multi Region deployment - this answer is also wrong
Question 13 - options are completely wrong ; the question is availablity of cloud services and you are telling NIC card - NIC is used in Data center which is onpremsis setup - so better change the answer for this - it should be multiple AZs and Different region connectivity for your Cloud services will adress this issue
Wonderful video Prabh..!! Many thanks :)
Very nice practice questions. Thank You so Much!
Wonderful questions with explanation sir. Really useful for checking our understanding on the CCSP concepts sir. Thanks for sharing the questions and explaining the answers!!🙏
great video prab. got 14 correct out of 16...
Great video. Thank you so much. Kindly please upload Second edition of this also Before End of March please.
As usual Prabh you rocked with big questions which can clear many doubts .. Thank you for the efforts
Question 11 - i would prefer select D ; becox the question has vulnerablity to cyber attacks as key word - your option B will not check the vulnerablities but when you do a Penetest you could identify the vulnerablities in the Virtual environment
I think u r missing the fact here that the main vul. Is segregating csp env. From csc'c... furthermore pentesting is not preferred in general specially in cloud due to the downtime as cloud should be HA due to SLA's with customers and potential legal issues... the question is focussed on the virtualization management network which is the backbone of any CSP and not segregating it would might cause the csp to wind up the business even if a small vulneriblity is introduced thru any of 1000's of customers csp have... remember the main concept of security for csp would be to separate the management plane to make sure underlying infra is secure .... ultimately when u do the segregation, in turn u have reduced the attack surface completely....hope this might help in understanding... my reply is just to help not to criticise ... always ready to have ur counter argument to rectify my understanding if u have any argument ....
It is great content and nicely presented comprehensively.
Brilliant content as always! Thanks Prabh, you helped me pass CISA, CISSP and now hopefully CCSP… 6 days away and I plan to hear “Next Coffee Shot” a lot this week. Keep it up legend!
Great content as always, Thanks Prabh.
Good day @Prabh,
On question number 14, I note the Security manger is evaluating potential CSPs, which I assume would imply the security manager is yet to subscribe to the services of these cloud providers, in this situation shouldn't the answer be D. High Availability Audit report? Since the cloud customer would not have any contract with the CSP yet, hence, no SLA has been agreed upon. Please let me know your thoughts on this .
Cheers!!!!
I don't agree with the last question. The correct answer should be the overhead and performance of processing encrypted data, NOT copying some encrypted data from one place to another. You are still using the same type of DB and application, there is no reason to have issues in understanding the replicated data- just because you are adding encryption. You will face the same issues as working with the primary set of data, and those issues are performance related issues because of the additional processing overhead.
Ok siri just used chk as reference to draft the question
There is a question in the ISC2 Official Practice Tests specifically on this "Encryption consumes processing power and time; as with all security controls, additional
security means measurably less operational capability-there is always a trade-off between security and productivity."
I wish the exam was this easy
This is great work so thank you. However, almost all options are too common sense, so easy to guess the right answer. This is because the options provide too many details, I suggest to shorten the answers and make them more difficult.
Question 15: also you are more focusing on Data center setup - the question is the client expanding in Cloud infra ; so the answer should be proper SLA with CSP with 99.999 % SLA and with multi AZ and multi Region deployment - this answer is also wrong
Question 13 - options are completely wrong ; the question is availablity of cloud services and you are telling NIC card - NIC is used in Data center which is onpremsis setup - so better change the answer for this - it should be multiple AZs and Different region connectivity for your Cloud services will adress this issue
@@balasoupramanienr8178 thanku bro to bring ur concern here questions is more mapped with ops of dc