Crucial Exams

ISC2 Certified Cloud Security Professional (CCSP) Practice Question

During a GDPR readiness review, a cloud security engineer is building a data flow map for a SaaS application that stores EU resident PII in a provider-managed object storage service which automatically replicates objects to a secondary region for durability. To demonstrate effective data classification and cross-border controls, which information must the engineer include in the data map to satisfy regulators?

  • The specific cryptographic ciphers and key lengths used to encrypt the stored objects

  • The version and patch level of the operating system supporting the storage service

  • Every IAM role and privilege granted to application developers accessing the bucket

  • The geographic locations where the provider stores all primary and replicated copies of the personal data

ISC2 Certified Cloud Security Professional (CCSP)
Cloud Data Security
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot