Question 4 - ISC2 CCSP Real Exam Questions [Feb 2026 Update]

Q: 4

Which of the following technologies is NOT commonly used for accessing systems and services in a 139/315 cloud environment in a secure manner?

Options

Discussion

Taylor U. Jan 26, 2026 12:30 am

Had something like this in a mock, it's A

Morgan T. Jan 13, 2026 1:08 pm

A
KVM isn't used by users for secure access, it's just the virtualization layer. Pretty sure A is right here.

Priya Jan 31, 2026 1:29 pm

I don’t think it’s C. B or D would both be used for secure connections, but KVM (A) isn’t actually about access for end users-it’s the virtualization layer itself. Feels like the trap is confusing backend tech with access methods.

CalmMentor9704 Jan 25, 2026 7:08 am

Why would TLS or HTTPS be a possible answer here? Both are actually used for securing access, but KVM just runs the underlying VMs. Am I missing something about how they'd expect to see VPN used though?

Jordan Jan 16, 2026 9:36 am

I don't think it's C, even though VPNs get mis-marketed sometimes. KVM (A) isn't an access technology, it's more backend virtualization. The others all directly secure connections. That feels like the trap here.

Casey W. Jan 14, 2026 5:08 pm

C/D?

Aisha C. Jan 15, 2026 1:02 pm

Isn't VPN sometimes just marketing, like split tunnel? Could C actually be the trap here?

Nathan E. Jan 29, 2026 8:15 am

Its A. KVM is more for running VMs, not really about how users securely access cloud services.

Chloe H. Jan 23, 2026 3:35 pm

KVM here. It's more about virtualization itself, not really for secure user access like VPN, TLS, or HTTPS. Pretty sure A.

Be respectful. No spam.

Correct Answer:

Explanation

Kernel-based Virtual Machine (KVM) is a Type-1 hypervisor integrated into the Linux kernel that enables virtualization on hardware with virtualization extensions. It is a core infrastructure technology used by cloud providers to create and manage virtual machines (IaaS), not a technology used by end-users to securely access cloud services over a network. In contrast, HTTPS, VPN, and TLS are all fundamental technologies designed to provide secure, encrypted communication channels for accessing systems and services. HTTPS secures web-based access, VPNs create secure tunnels to private cloud networks, and TLS is the cryptographic protocol that underpins the security of both HTTPS and many VPN solutions.

Why Incorrect

B. HTTPS: Incorrect. HTTPS (HTTP over TLS) is a primary and ubiquitous protocol for securely accessing web-based cloud services, management consoles, and APIs.

C. VPN: Incorrect. Virtual Private Networks are commonly used to establish secure, encrypted connections from remote users or on-premises networks to a private cloud environment (e.g., a VPC/VNet).

D. TLS: Incorrect. Transport Layer Security is the foundational cryptographic protocol that provides end-to-end security for many higher-level protocols, including HTTPS, and is used in many VPN implementations.

References

1. KVM: Red Hat Enterprise Linux 7 Documentation

Virtualization Deployment and Administration Guide

Chapter 2. KVM Guest Timing Management. The documentation states

"KVM (Kernel-based Virtual Machine) is a virtualization solution that is part of the Red Hat Enterprise Linux kernel. KVM provides the core virtualization infrastructure..." This identifies KVM as an infrastructure component

not a secure access protocol.

2. TLS/HTTPS: National Institute of Standards and Technology (NIST)

Special Publication 800-52 Revision 2: Guidelines for the Selection

Configuration

and Use of Transport Layer Security (TLS) Implementations

(May 2019). Section 1

Page 1

states

"Transport Layer Security (TLS) is a protocol that is widely used to provide data security and data integrity for communications over TCP/IP networks

such as the internet... TLS is commonly used with protocols such as the Hypertext Transfer Protocol (HTTP)..."

3. VPN: National Institute of Standards and Technology (NIST)

Special Publication 800-77 Revision 1: Guide to IPsec VPNs

(February 2020). Section 2.1

Page 6

describes a VPN as a "virtual network

built on top of existing physical networks

that can provide a secure communications mechanism for data and control information transmitted between networks." This is a primary method for secure access to cloud resources.

4. Cloud Access Security: Armbrust

et al. (2009). Above the Clouds: A Berkeley View of Cloud Computing. University of California

Berkeley. Technical Report No. UCB/EECS-2009-28. Section 5.2

"Data Confidentiality and Auditability

" implicitly discusses the need for secure channels (like TLS/VPNs) for data in transit to and from the cloud.

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE