Crucial Exams

ISC2 Certified Cloud Security Professional (CCSP) Practice Question

During the initiation stage of a secure SDLC for a new cloud-hosted claims-processing application, the project team is capturing business requirements that will drive later design decisions. Which of the following statements represents a security business requirement, rather than a functional, performance, or availability requirement?

  • The application shall process at least 200 claims transactions per second during peak business hours.

  • All cardholder data stored by the application shall be encrypted using AES-256 and the encryption keys shall be protected in a hardware security module supplied by the cloud provider.

  • Customers must be able to submit claims from Android and iOS mobile devices through the public API.

  • The production environment shall achieve a monthly service availability of no less than 99.95 percent.

ISC2 Certified Cloud Security Professional (CCSP)
Cloud Application Security
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot