Cloud Concepts, Architecture, and Design for CCSP

Sample Practice Questions

1. Question 1

   Which of the following roles is responsible for creating cloud components and the testing and validation of services?
   1. A. Cloud auditor
   2. B. Inter-cloud provider
   3. C. Cloud service broker
   4. D. Cloud service developer
   Explanation

   The correct answer is: D. Cloud service developer.

   The cloud service developer, defined in ISO/IEC 17789, is the role that designs, builds, tests, and validates cloud components and services before they are released into operations, owning the full lifecycle from initial implementation through quality assurance. A cloud auditor performs independent assessment and provides assurance over controls but does not build services. An inter-cloud provider peers with other clouds to enable federation and cross-cloud workflows, not internal service development. A cloud service broker mediates commercially between providers and consumers and may aggregate or customize offerings, but does not develop them. Component creation paired with testing and validation maps uniquely to the developer role.

2. Question 2

   Which of the following concepts refers to a cloud customer paying only for the resources and offerings they use within a cloud environment, and only for the duration that they are consuming them?
   1. A. Consumable service
   2. B. Measured service
   3. C. Billable service
   4. D. Metered service
   Explanation

   The correct answer is: B. Measured service.

   Measured service is one of the five NIST SP 800-145 essential characteristics of cloud computing and refers to the metering, monitoring, controlling, and reporting of resource consumption so that customers pay only for what they actually use and for the duration of that use. Consumable service is not a defined NIST term and does not capture the metering aspect. Billable service is generic phrasing that does not distinguish a cloud's pay-as-you-go model from any subscription billing. Metered service is close conceptually but is not the NIST-defined term; the canonical CCSP and NIST vocabulary uses measured service to describe the metered, transparent, consumption-based billing model that underpins cloud economics.

3. Question 3

   Which of the following roles involves testing, monitoring, and securing cloud services for an organization?
   1. A. Cloud service integrator
   2. B. Cloud service business manager
   3. C. Cloud service user
   4. D. Cloud service administrator
   Explanation

   The correct answer is: D. Cloud service administrator.

   The cloud service administrator role is responsible for testing, monitoring, and securing the cloud services consumed by an organization, including configuring security settings, reviewing logs, applying corrective actions, and producing operational reports; this is the ISO/IEC 17789 description of the administrator function. A cloud service integrator focuses on connecting legacy systems with cloud services rather than ongoing security operations. A cloud service business manager handles billing, purchasing, and contracts rather than technical operations. A cloud service user is simply a consumer who interacts with services and does not perform administrative oversight. Day-to-day operational security and monitoring maps to the administrator role.

4. Question 4

   Which of the following roles involves overseeing billing, purchasing, and requesting audit reports for an organization within a cloud environment?
   1. A. Cloud service user
   2. B. Cloud service business manager
   3. C. Cloud service administrator
   4. D. Cloud service integrator
   Explanation

   The correct answer is: B. Cloud service business manager.

   The cloud service business manager, as defined in ISO/IEC 17789 and the NIST SP 500-292 reference architecture, owns the business-side functions of cloud consumption, including billing administration, purchasing of cloud services, contract management, and requesting audit reports such as SOC 2 attestations from the provider. A cloud service user is the end consumer who actually invokes services and has no financial or audit authority. A cloud service administrator focuses on operational tasks such as account, configuration, and security administration of the consumed services, not on commercial dealings. A cloud service integrator connects on-premises systems with cloud services and handles technical interoperability rather than billing or procurement. The financial and oversight scope therefore maps cleanly to the business manager role.

5. Question 5

   What type of segregation and separation of resources is needed within a cloud environment for multitenancy purposes versus a traditional data center model?
   1. A. Virtual
   2. B. Security
   3. C. Physical
   4. D. Logical
   Explanation

   The correct answer is: D. Logical.

   Multitenancy in cloud computing relies on logical segregation because physical separation between tenants would defeat the resource pooling that makes cloud economics work; logical isolation is implemented through hypervisor-enforced VM boundaries, VLANs, virtual private clouds, network microsegmentation, and identity-based access controls. Virtual is closely related but is too narrow because it implies only virtualization-layer isolation, whereas the broader concept covers networking, storage, and identity boundaries. Security is the goal of the segregation, not the type of segregation itself. Physical would describe the older data-center model in which dedicated hardware enforced isolation, which is not how multitenant cloud achieves separation. The architectural answer is logical segregation across all layers.

Other CCSP domains

• Cloud Application Security (71 questions)
• Cloud Data Security (107 questions)
• Cloud Platform and Infrastructure Security (74 questions)
• Cloud Security Operations (48 questions)
• Legal, Risk, and Compliance (115 questions)