ISC2 Certified Cloud Security Professional (CCSP) Practice Question
During a security review of a new PaaS-based analytics solution, you are asked to create a data-flow diagram to locate points where privacy and regulatory controls must be applied. Which piece of information will provide the MOST value for spotting where additional protections such as encryption in transit or tokenization are required?
Runtime framework versions (for example, Python 3.10 or Java 17) used by each microservice
Locations where data crosses a trust boundary between different security domains or network zones
The specific CPU and memory reservations assigned to each compute instance
The scheduled backup window configured on the provider's managed database service
The essential purpose of a data-flow diagram is to show how data moves between processes, storage locations, and external entities. The moments that require the greatest scrutiny are those in which data crosses a trust boundary-moving from one security domain or network zone to another-because control sets, identities, and attack surfaces change at that point. Highlighting these boundaries makes it clear where additional safeguards such as TLS, VPN tunneling, or tokenization must be applied. Details such as CPU reservations, runtime versions, or backup scheduling are important for capacity planning and operations, but they do not directly reveal where data could be exposed in transit and therefore are far less useful when the goal is to identify compliance-relevant exposure points in the flow.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a trust boundary in data flow diagrams?
Open an interactive chat with Bash
How does encryption in transit protect data across trust boundaries?
Open an interactive chat with Bash
Why are other factors like CPU reservations or runtime versions less important for identifying compliance-relevant exposure points?
Open an interactive chat with Bash
ISC2 Certified Cloud Security Professional (CCSP)
Cloud Data Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .