Back to Certified Cloud Security Professional CCSP questions

Scenario-based practice

Drag and Drop Matching Questions

Practise Certified Cloud Security Professional CCSP practice questions — original exam-style scenarios covering every exam domain, with detailed explanations, wrong-answer analysis, and common exam traps.

10
scenario questions
CCSP
exam code
ISC2
vendor

Scenario guide

How to approach drag and drop matching questions

Matching questions give you two columns — concepts, commands, or protocols on the left, and their definitions or use-cases on the right. You drag each left item to its correct match. These appear on most certification exams and punish superficial memorisation.

Quick answer

Drag and Drop Matching Questions questions test whether you can apply the concept in context, not just recognise a definition.

How the topic appears in realistic exam-style scenarios.

Which detail in the question changes the correct answer.

How to eliminate plausible but wrong options.

How to connect the question back to the wider exam objective.

Related practice questions

Related CCSP topic practice pages

Scenario questions usually connect to one or more exam topics. Use these links to review the underlying concepts behind the scenario.

Practice set

Practice scenarios

Question 1mediummatching
Full question →

Match each IAM term to its definition.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Trust relationship between identity providers

Single authentication for multiple systems

Multiple authentication factors

Access based on role assignments

Match each virtualization security concept to its description.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Software that manages virtual machines

Attack breaking out of VM isolation

Virtual machine introspection for monitoring

Moving a running VM between hosts

Question 3mediummatching
Full question →

Match each compliance framework to its primary jurisdiction or industry.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

European Union data protection

US healthcare information privacy

Payment card industry security

US financial reporting controls

Question 4mediummatching
Full question →

Match each data state to its encryption requirement in cloud environments.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Encryption using AES-256

TLS 1.2+ encryption

Homomorphic or confidential computing

Encryption with separate key management

Question 5mediummatching
Full question →

Match each cloud incident response phase to its primary activity.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Develop incident response plan and tools

Identify potential security incidents

Isolate affected systems and prevent spread

Restore normal operations and verify integrity

Question 6mediummatching
Full question →

Match each cloud service model to its primary responsibility area according to the shared responsibility model.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Application security

Platform security

Infrastructure security

Full stack security

Question 7mediummatching
Full question →

Match each key management solution to its characteristic.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Hardware-based key generation and storage

Software-based key lifecycle management

Customer-managed keys in cloud provider HSM

Customer holds and manages own keys

Question 8mediummatching
Full question →

Match each cloud auditing term to its definition.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Service organization control report for security

Assessment of cloud provider controls

Analysis of logs for incident investigation

Real-time assessment of security controls

Question 9mediummatching
Full question →

Match each NIST SP 800-53 control family to its focus area.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Access Control

Audit and Accountability

System and Communications Protection

System and Information Integrity

Physical and Environmental Protection

Question 10mediummatching
Full question →

Match each cloud security tool to its primary purpose.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Cloud security posture management

Cloud workload protection platform

Cloud access security broker

Security information and event management

These CCSP practice questions are part of Courseiva's free ISC2 certification practice question bank. Courseiva provides original exam-style CCSP questions with detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics.