ISC2 Certified Cloud Security Professional (CCSP) Practice Question

A public IaaS provider is preparing for ISO/IEC 20000-1 certification. As part of its Information Security Management process, the service management team must define a measurable control objective that specifically mitigates the risk of tenant-to-tenant compromise through the shared virtualization layer. According to ISO/IEC 20000-1 clause 6.6 and aligned ITIL guidance, which control objective is MOST appropriate to add to the service management system?

  • Review and re-approve privileged access to the service desk toolset no less than annually.

  • Conduct internal audits of all third-party supplier contracts at least once per quarter.

  • Ensure every reported security incident is resolved within the response times defined in service level agreements.

  • Deploy all vendor-issued security patches to the hypervisor on every compute cluster within 30 days of release.

Cloud Security Operations