Crucial Exams

ISC2 Certified Cloud Security Professional (CCSP) Practice Question

Your company processes payment card data and plans to deploy web servers on a public IaaS platform. Before signing the contract, the security team must confirm that the cloud provider has already been independently validated against PCI DSS requirements that apply to service providers. Which single piece of documentation would give the most reliable evidence of that validation?

  • A CSA STAR Level 1 self-assessment questionnaire (CAIQ) published by the provider

  • An ISO/IEC 27017:2015 certificate from an accredited registrar

  • A PCI DSS Attestation of Compliance (AOC) for Service Providers issued by a Qualified Security Assessor

  • A SOC 1 Type II report covering the provider's cloud platform

ISC2 Certified Cloud Security Professional (CCSP)
Cloud Concepts, Architecture and Design
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot