File Info
| Exam | Certificate of Cloud Security Knowledge |
| Number | CCSK |
| File Name | CSA.CCSK.Pass4Sure.2020-05-04.24q.vcex |
| Size | 16 KB |
| Posted | May 04, 2020 |
| Download | CSA.CCSK.Pass4Sure.2020-05-04.24q.vcex |
How to open VCEX & EXAM Files?
Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.
Coupon: MASTEREXAM
With discount: 20%
Demo Questions
Question 1
All cloud services utilize virtualization technologies.
- False
- True
Correct answer: B
Question 2
If there are gaps in network logging data, what can you do?
- Nothing. There are simply limitations around the data that can be logged in the cloud.
- Ask the cloud provider to open more ports.
- You can instrument the technology stack with your own logging.
- Ask the cloud provider to close more ports.
- Nothing. The cloud provider must make the information available.
Correct answer: C
Question 3
What factors should you understand about the data specifically due to legal, regulatory, and jurisdictional factors?
- The physical location of the data and how it is accessed
- The fragmentation and encryption algorithms employed
- The language of the data and how it affects the user
- The implications of storing complex information on simple storage systems
- The actual size of the data and the storage format
Correct answer: D
Question 4
CCM: The following list of controls belong to which domain of the CCM?
GRM 06 – Policy GRM 07 – Policy Enforcement GRM 08 – Policy Impact on Risk Assessments GRM 09 – Policy Reviews GRM 10 – Risk Assessments GRM 11 – Risk Management Framework
- Governance and Retention Management
- Governance and Risk Management
- Governing and Risk Metrics
Correct answer: B
Question 5
Big data includes high volume, high variety, and high velocity.
- False
- True
Correct answer: B
Question 6
Cloud applications can use virtual networks and other structures, for hyper-segregated environments.
- False
- True
Correct answer: B
Question 7
An important consideration when performing a remote vulnerability test of a cloud-based application is to
- Obtain provider permission for test
- Use techniques to evade cloud provider’s detection systems
- Use application layer testing tools exclusively
- Use network layer testing tools exclusively
- Schedule vulnerability test at night
Correct answer: A
Question 8
Cloud services exhibit five essential characteristics that demonstrate their relation to, and differences from, traditional computing approaches. Which one of the five characteristics is described as: a consumer can unilaterally provision computing capabilities such as server time and network storage as needed.
- Rapid elasticity
- Resource pooling
- Broad network access
- Measured service
- On-demand self-service
Correct answer: E
Question 9
REST APIs are the standard for web-based services because they run over HTTPS and work well across diverse environments.
- False
- True
Correct answer: B
Question 10
Which of the following statements are NOT requirements of governance and enterprise risk management in a cloud environment?
- Inspect and account for risks inherited from other members of the cloud supply chain and take active measures to mitigate and contain risks through operational resiliency.
- Respect the interdependency of the risks inherent in the cloud supply chain and communicate the corporate risk posture and readiness to consumers and dependent parties.
- Negotiate long-term contracts with companies who use well-vetted software application to avoid the transient nature of the cloud environment.
- Provide transparency to stakeholders and shareholders demonstrating fiscal solvency and organizational transparency.
- Both B and C.
Correct answer: C
