D320 CCSP study guide COMPREHENSIVE
QUESTIONS AND VERIFIED SOLUTIONS
BIA (Business Impact Analysis): - ✔✔an assessment of the priorities given to
each asset and process within the organization; analysis considers the effect
(impact) any hard or loss might mean to the organization overall; identify
critical paths and single points of failure; determine costs of compliance
(legislative and contractual requirements mandated) Metered service: - ✔✔the
organization only pays for what it uses Rapid Elasticity: - ✔✔excess capacity
available to be apportioned to cloud customers Cloud bursting: -
✔✔organizations to use hosted cloud service to augment internal, private data
center capabilities with managed services during times of increase demand; an
org can rent the additional capacity as needed from an external cloud provider
(crisis situation, heavy holiday shopping periods); rapid scalability allows
customer to dictate the volume of resource Cloud service benefits -
✔✔reduction in personnel cost (data management); reduction in capital
expenditure (metered service, rapid elasticity, cloud bursting); reduction in
operational costs; transferring some regulatory costs; reduction in costs for
data archival/backup services ROI (Return on Investment): - ✔✔term related to
cost-benefit measures; used to describe a profitability ratio; calculated by
dividing net profits by net assets Elasticity: - ✔✔customers can contract cloud
providers to use virtualization to flexibly allocate only the needed usage of each
resource to the organization, while holding costs while maintaining
profitability; allow users to access their data from diverse platforms and
locations, increasing portability, accessibility, and availability Simplicity: -
✔✔allow a user to seamlessly use the service without frequently interacting
with the cloud service provider Scalability: - ✔✔increasing/reducing services
can be easily, quickly, and cost-effectively accomplished IaaS (Infrastructure as
a Service) - ✔✔What it is: Cloud provider gives you raw infrastructure —
servers, storage, networking — but you install and manage the OS,
applications, and everything else. Think of it as: Renting a fully built apartment
building shell — you bring the furniture, appliances, and decorate it how you
want. Examples: Amazon EC2 (AWS) → You get a virtual server, but you set up
the OS and software. Google Compute Engine (GCE) Microsoft Azure VMs Best
for: Companies that want control and customization, but don't want to
buy/manage physical hardware. "I build on rented servers." (Control
,everything) PaaS (Platform as a Service) - ✔✔What it is: Cloud provider gives
you infrastructure + runtime environment (OS, middleware, database, dev
tools). You just build and run your applications on top of it. Think of it as:
Renting an apartment that's already furnished and decorated — you just move
in and live. You don't worry about plumbing, electricity, or furniture.
Examples: Heroku → Deploy code without managing servers. Google App
Engine Microsoft Azure App Service Best for: Developers who just want to code
and deploy apps quickly without worrying about servers or OS. "I deploy apps
on a ready-made platform." (Focus on code) SaaS (Software as a Service) -
✔✔What it is: Cloud provider delivers ready-to-use software applications via
the internet. You just log in and use it — no management of infrastructure or
platforms. Think of it as: Staying at a hotel — everything is ready, you just
enjoy the service. No furniture, no setup, no maintenance. Examples: Gmail /
Outlook.com → You don't install or manage the email server. Google Docs /
Microsoft 365 → Software runs in your browser. Salesforce → CRM software as
a service. Best for: End-users who want fully managed, ready-to-use
applications. Unstructured Data Types: qualitative data; natural-language text;
incorporate media (audio, video, images); contains JSON, XML, binary objects
(images encoded as text strings); important for data analytic strategies; noSQL
Structured Data Types: quantitative data; organized and decipherable by
machine learning algorithms; SQL (relational) can be used to quickly input,
search, and manipulate data; used by machine learning algorithms "I just use
the app in the cloud." (End-user product) Public Cloud: - ✔✔resources are
owned and operated by a vendor and sold, leased, or rented to anyone;
multitenant environments; multiple customers will share resources; EX:
customer might be using a AM that resides on the same hardware that hosts
another VM as their competitor, but they do not know the entities using the
same resources; Rackspace, Microsoft's Azure, and AWS (Amazon Web
Services) Private Cloud: - ✔✔resources dedicated to a single customer; might be
owned and maintained by the entity that is the sole customer (org might own
and operate a data center that serves as the cloud environment for the org's
users); might be a set of resources (racks, blades, software packages) owned by
the single customer but located and maintained at provider's data center;
provider might offer physical security, admin services, and utilities (power,
Internet) for customers (referred to as co-lo (co-located) environment)
Community Cloud: - ✔✔features infrastructure and processing owned and
operated by/for an affinity group; orgs come together to perform joint tasks
and functions; gaming communities, ownership is spread throughout the
various members of the community; can be provisioned by a third party
(FedRAMP service - only used by US federal gov) Hybrid Cloud: - ✔✔contains
, elements of other models; org might want to retain some private cloud
resources (remote user access) but lease some public cloud space (PaaS
function for software development/testing) Cloud Broker: - ✔✔company that
purchases hosting services from a provider and resells them to its own
customers CASB (Cloud Access Security Broker): - ✔✔third-party entity
offering independent IAM (identity and access management) services to CSPs
and cloud customers; can be SSO, certificate management, and cryptographic
key escrow Regulators: - ✔✔ensure orgs are incompliance with regulatory
framework for which they are responsible for; HIPAA, GLBA, PCI DSS, ISO,
SOX, etc.; regulators include FTC, SEC, and auditors Cost-Benefit Analysis: -
✔✔comparing potential positive impact (profit, efficiency, market share) of a
business decision to potential negative impact (expense, detriment to
production, risk) and weighing the two as equivalent or not (potential
positive/negative) FIPS 140-2: - ✔✔NIST document that describes the process
for accrediting and cryptosystems for use by the federal government; lists only
approved cryptographic tools NIST 800-53: - ✔✔guidance document with
primary goal of ensuring appropriate security requirements and controls are
applied to all US federal government information in management systems TCI
(Trusted Cloud Initiative) Reference Model: - ✔✔guide for cloud providers,
allowing them to create a holistic architecture that customers can purchase
(including physical/logical layout of network and processes necessary to utilize
both) Vendor Lock-In: - ✔✔situation where a customer is unable to leave,
migrate, retrieve, or transfer data to an alternate provider due to
technical/nontechnical constraints; use portability for a level of ease when
transporting data, ensure contract states so, avoid proprietary formats
(requires specific software to read data), check for regulatory constraints;
detrimental contract terms or technical limitations Vendor Lock-Out: -
✔✔when a customer is unable to recover/access their own data due to provider
going into bankruptcy or leaving the market Blockchain: - ✔✔open means of
conveying value using encryption technologies/algorithms (cryptocurrency);
transactional ledger where all participants can view every transaction, making
it extremely difficult to negatively affect the integrity of past transactions; each
record (block) is distributed among all participants in a distributed or cloud-
based manner Containers: - ✔✔logical segmentation of memory space in a
device, creating two or more abstract areas that cannot interface directly;
commonly used in BYOD environment; distinguish two distinct partitions (one
for work functions/data and other for personal functions/data) Quantum
Computing: - ✔✔emerging technology that allow IT systems to operate beyond
binary math; instead of using the presence of electrons for calculations
QUESTIONS AND VERIFIED SOLUTIONS
BIA (Business Impact Analysis): - ✔✔an assessment of the priorities given to
each asset and process within the organization; analysis considers the effect
(impact) any hard or loss might mean to the organization overall; identify
critical paths and single points of failure; determine costs of compliance
(legislative and contractual requirements mandated) Metered service: - ✔✔the
organization only pays for what it uses Rapid Elasticity: - ✔✔excess capacity
available to be apportioned to cloud customers Cloud bursting: -
✔✔organizations to use hosted cloud service to augment internal, private data
center capabilities with managed services during times of increase demand; an
org can rent the additional capacity as needed from an external cloud provider
(crisis situation, heavy holiday shopping periods); rapid scalability allows
customer to dictate the volume of resource Cloud service benefits -
✔✔reduction in personnel cost (data management); reduction in capital
expenditure (metered service, rapid elasticity, cloud bursting); reduction in
operational costs; transferring some regulatory costs; reduction in costs for
data archival/backup services ROI (Return on Investment): - ✔✔term related to
cost-benefit measures; used to describe a profitability ratio; calculated by
dividing net profits by net assets Elasticity: - ✔✔customers can contract cloud
providers to use virtualization to flexibly allocate only the needed usage of each
resource to the organization, while holding costs while maintaining
profitability; allow users to access their data from diverse platforms and
locations, increasing portability, accessibility, and availability Simplicity: -
✔✔allow a user to seamlessly use the service without frequently interacting
with the cloud service provider Scalability: - ✔✔increasing/reducing services
can be easily, quickly, and cost-effectively accomplished IaaS (Infrastructure as
a Service) - ✔✔What it is: Cloud provider gives you raw infrastructure —
servers, storage, networking — but you install and manage the OS,
applications, and everything else. Think of it as: Renting a fully built apartment
building shell — you bring the furniture, appliances, and decorate it how you
want. Examples: Amazon EC2 (AWS) → You get a virtual server, but you set up
the OS and software. Google Compute Engine (GCE) Microsoft Azure VMs Best
for: Companies that want control and customization, but don't want to
buy/manage physical hardware. "I build on rented servers." (Control
,everything) PaaS (Platform as a Service) - ✔✔What it is: Cloud provider gives
you infrastructure + runtime environment (OS, middleware, database, dev
tools). You just build and run your applications on top of it. Think of it as:
Renting an apartment that's already furnished and decorated — you just move
in and live. You don't worry about plumbing, electricity, or furniture.
Examples: Heroku → Deploy code without managing servers. Google App
Engine Microsoft Azure App Service Best for: Developers who just want to code
and deploy apps quickly without worrying about servers or OS. "I deploy apps
on a ready-made platform." (Focus on code) SaaS (Software as a Service) -
✔✔What it is: Cloud provider delivers ready-to-use software applications via
the internet. You just log in and use it — no management of infrastructure or
platforms. Think of it as: Staying at a hotel — everything is ready, you just
enjoy the service. No furniture, no setup, no maintenance. Examples: Gmail /
Outlook.com → You don't install or manage the email server. Google Docs /
Microsoft 365 → Software runs in your browser. Salesforce → CRM software as
a service. Best for: End-users who want fully managed, ready-to-use
applications. Unstructured Data Types: qualitative data; natural-language text;
incorporate media (audio, video, images); contains JSON, XML, binary objects
(images encoded as text strings); important for data analytic strategies; noSQL
Structured Data Types: quantitative data; organized and decipherable by
machine learning algorithms; SQL (relational) can be used to quickly input,
search, and manipulate data; used by machine learning algorithms "I just use
the app in the cloud." (End-user product) Public Cloud: - ✔✔resources are
owned and operated by a vendor and sold, leased, or rented to anyone;
multitenant environments; multiple customers will share resources; EX:
customer might be using a AM that resides on the same hardware that hosts
another VM as their competitor, but they do not know the entities using the
same resources; Rackspace, Microsoft's Azure, and AWS (Amazon Web
Services) Private Cloud: - ✔✔resources dedicated to a single customer; might be
owned and maintained by the entity that is the sole customer (org might own
and operate a data center that serves as the cloud environment for the org's
users); might be a set of resources (racks, blades, software packages) owned by
the single customer but located and maintained at provider's data center;
provider might offer physical security, admin services, and utilities (power,
Internet) for customers (referred to as co-lo (co-located) environment)
Community Cloud: - ✔✔features infrastructure and processing owned and
operated by/for an affinity group; orgs come together to perform joint tasks
and functions; gaming communities, ownership is spread throughout the
various members of the community; can be provisioned by a third party
(FedRAMP service - only used by US federal gov) Hybrid Cloud: - ✔✔contains
, elements of other models; org might want to retain some private cloud
resources (remote user access) but lease some public cloud space (PaaS
function for software development/testing) Cloud Broker: - ✔✔company that
purchases hosting services from a provider and resells them to its own
customers CASB (Cloud Access Security Broker): - ✔✔third-party entity
offering independent IAM (identity and access management) services to CSPs
and cloud customers; can be SSO, certificate management, and cryptographic
key escrow Regulators: - ✔✔ensure orgs are incompliance with regulatory
framework for which they are responsible for; HIPAA, GLBA, PCI DSS, ISO,
SOX, etc.; regulators include FTC, SEC, and auditors Cost-Benefit Analysis: -
✔✔comparing potential positive impact (profit, efficiency, market share) of a
business decision to potential negative impact (expense, detriment to
production, risk) and weighing the two as equivalent or not (potential
positive/negative) FIPS 140-2: - ✔✔NIST document that describes the process
for accrediting and cryptosystems for use by the federal government; lists only
approved cryptographic tools NIST 800-53: - ✔✔guidance document with
primary goal of ensuring appropriate security requirements and controls are
applied to all US federal government information in management systems TCI
(Trusted Cloud Initiative) Reference Model: - ✔✔guide for cloud providers,
allowing them to create a holistic architecture that customers can purchase
(including physical/logical layout of network and processes necessary to utilize
both) Vendor Lock-In: - ✔✔situation where a customer is unable to leave,
migrate, retrieve, or transfer data to an alternate provider due to
technical/nontechnical constraints; use portability for a level of ease when
transporting data, ensure contract states so, avoid proprietary formats
(requires specific software to read data), check for regulatory constraints;
detrimental contract terms or technical limitations Vendor Lock-Out: -
✔✔when a customer is unable to recover/access their own data due to provider
going into bankruptcy or leaving the market Blockchain: - ✔✔open means of
conveying value using encryption technologies/algorithms (cryptocurrency);
transactional ledger where all participants can view every transaction, making
it extremely difficult to negatively affect the integrity of past transactions; each
record (block) is distributed among all participants in a distributed or cloud-
based manner Containers: - ✔✔logical segmentation of memory space in a
device, creating two or more abstract areas that cannot interface directly;
commonly used in BYOD environment; distinguish two distinct partitions (one
for work functions/data and other for personal functions/data) Quantum
Computing: - ✔✔emerging technology that allow IT systems to operate beyond
binary math; instead of using the presence of electrons for calculations
