New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 CCSP Exam - Topic 11 Question 81 Discussion

Actual exam question for ISC2's CCSP exam
Question #: 81
Topic #: 11
[All CCSP Questions]

Which of the following components are part of what a CCSP should review when looking at contracting with a cloud service provider?

Show Suggested Answer Hide Answer
Suggested Answer: D

The use of subcontractors can add risk to the supply chain and should be considered; trusting the provider's management of their vendors and suppliers (including subcontractors) is important to trusting the provider. Conversely, the customer is not likely to be allowed to review the physical design of the datacenter (or, indeed, even know the exact location of the datacenter) or the personnel security specifics for the provider's staff. ''Redundant uplink grafts'' is a nonsense term used as a distractor.


by Jeanice at Jan 25, 2024, 10:59 PM

Limited Time Offer

25%

Off

Get Premium CCSP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Yuonne
3 months ago
Wait, are we really considering the physical layout? Seems odd.
upvoted 0 times
...
Verona
3 months ago
Subcontractors can be risky, not sure if that’s a must.
upvoted 0 times
...
Sharika
4 months ago
Redundant uplink grafts? Never heard of that before.
upvoted 0 times
...
Glenn
4 months ago
I agree, background checks are super important too.
upvoted 0 times
...
Oren
4 months ago
Definitely need to check the physical layout of the datacenter!
upvoted 0 times
...
Mabel
4 months ago
I’m pretty certain that background checks are crucial, but I’m a bit confused about how the physical layout of the datacenter fits into the overall assessment.
upvoted 0 times
...
Weldon
4 months ago
I feel like the use of subcontractors is definitely something we should review, but I can't remember if redundant uplink grafts were mentioned in our study materials.
upvoted 0 times
...
Gilma
4 months ago
I remember a practice question that mentioned the physical layout of the datacenter, but I can't recall if it was a key component for CCSPs.
upvoted 0 times
...
Avery
5 months ago
I think background checks for the provider's personnel are really important, but I'm not sure if that's the only thing we should focus on.
upvoted 0 times
...
Odette
5 months ago
I'm pretty confident the answer is option D - the use of subcontractors. That's a critical thing a CCSP needs to understand and assess when contracting with a cloud provider. The other options don't seem directly relevant to the CCSP's responsibilities.
upvoted 0 times
...
Clement
5 months ago
Okay, I've got this. A CCSP should review things like the provider's security controls, their personnel vetting processes, and their use of subcontractors. Those are all important considerations when evaluating a cloud service provider.
upvoted 0 times
...
Carolann
5 months ago
Hmm, I'm not totally sure about this one. The options seem a bit random - I'm not sure how "redundant uplink grafts" or "the physical layout of the datacenter" would be relevant. I'll have to think this through carefully.
upvoted 0 times
...
Belen
5 months ago
This looks like a question about the key things a CCSP should review when contracting with a cloud service provider. I think the answer is probably related to security, compliance, or service level agreements.
upvoted 0 times
...
Nikita
5 months ago
I feel confident about this one. Based on my understanding of the sharing model, the answer is A - the record owner and any user above the external user in the role hierarchy.
upvoted 0 times
...
Lashonda
5 months ago
Hmm, this is a tricky one. I'm not super familiar with Azure Service Bus and the different classes and methods available. I'd want to double-check the documentation to make sure I fully understand the differences between the options. My initial thought is that B, BrokeredMessage, might be the way to go since it's specifically for working with messages in the queue, but I'm not 100% certain.
upvoted 0 times
...
Judy
5 months ago
Okay, let's see. The options mention things like DocuSign, SMS, assistants, and controllers. I'm guessing the correct answer is the one that sounds most like a remote control for external services.
upvoted 0 times
...
Kenny
5 months ago
This seems like a straightforward question about incident response plans. I'm pretty confident I know the answer, but I'll quickly review the key points just to be sure.
upvoted 0 times
...
Luis
5 months ago
Hmm, I'm a bit confused by the wording of the question. I'll need to read through it a few times to make sure I understand what they're asking.
upvoted 0 times
...

Save Cancel