Crucial Exams

ISC2 Certified Cloud Security Professional (CCSP) Practice Question

A multinational enterprise stores customer data in a cloud-based CRM delivered as SaaS. Security testing shows that users can export the entire customer table to local drives, violating several data-protection laws. The company wants to block such bulk downloads while making no code changes to the SaaS application and without installing agents on every endpoint. Which control best meets these requirements?

  • Implement a CASB operating in API mode to apply DLP rules that prevent bulk exports from the CRM tenant.

  • Enable database-level Transparent Data Encryption with customer-managed keys for the SaaS environment.

  • Require users to connect through an always-on IPSec VPN before accessing the CRM portal.

  • Migrate identity federation from OAuth2 to SAML 2.0 with signed assertions.

ISC2 Certified Cloud Security Professional (CCSP)
Cloud Data Security
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot