Crucial Exams

ISC2 Certified Cloud Security Professional (CCSP) Practice Question

Your company, now involved in a U.S. civil lawsuit, keeps customer records in a multitenant object-storage SaaS offering that automatically deletes files 90 days after upload. The legal department has issued a litigation hold and wants written assurance that no potentially responsive data will be altered or purged while the case is pending. According to ISO/IEC 27050 guidance on eDiscovery, which contractual control with the cloud provider is most critical to meet this obligation?

  • Require the provider to replicate all stored data to a second geographic region for redundancy.

  • Include a clause obligating the provider to offer an on-demand legal-hold feature that freezes retention and deletion policies for designated tenant data.

  • Mandate that the provider return all stored records to the customer on physical media within 30 days of a request.

  • Demand that the provider allow customer-managed encryption keys held in a hardware security module (HSM).

ISC2 Certified Cloud Security Professional (CCSP)
Legal, Risk and Compliance
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot