Weekend Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: netbudy65

Dumpsbuddy Logo
  1. Home
  2. Cloud Security Alliance
  3. Cloud Security Knowledge
  4. CCSK
  5. Certificate of Cloud Security Knowledge (v4.0) Questions and Answers

CCSK Certificate of Cloud Security Knowledge (v4.0) Questions and Answers

Questions 4

What is true of a workload?

Options:

A.

It is a unit of processing that consumes memory

B.

It does not require a hardware stack

C.

It is always a virtual machine

D.

It is configured for specific, established tasks

E.

It must be containerized

Buy Now
Questions 5

Which of the following is one of the five essential characteristics of cloud computing as defined by NIST?

Options:

A.

Multi-tenancy

B.

Nation-state boundaries

C.

Measured service

D.

Unlimited bandwidth

E.

Hybrid clouds

Buy Now
Questions 6

Which of the following statements are NOT requirements of governance and enterprise risk management in a cloud environment?

Options:

A.

Inspect and account for risks inherited from other members of the cloud supply chain and take active measures to mitigate and contain risks through operational resiliency.

B.

Respect the interdependency of the risks inherent in the cloud supply chain and communicate the corporate risk posture and readiness to consumers and dependent parties.

C.

Negotiate long-term contracts with companies who use well-vetted software application to avoid the transient nature of the cloud environment.

D.

Provide transparency to stakeholders and shareholders demonstrating fiscal solvency and organizational transparency.

E.

Both B and C.

Buy Now
Questions 7

How does running applications on distinct virtual networks and only connecting networks as needed help?

Options:

A.

It reduces hardware costs

B.

It provides dynamic and granular policies with less management overhead

C.

It locks down access and provides stronger data security

D.

It reduces the blast radius of a compromised system

E.

It enables you to configure applications around business groups

Buy Now
Questions 8

Vulnerability assessments cannot be easily integrated into CI/CD pipelines because of provider restrictions.

Options:

A.

False

B.

True

Buy Now
Questions 9

What is the best way to ensure that all data has been removed from a public cloud environment including all media such as back-up tapes?

Options:

A.

Allowing the cloud provider to manage your keys so that they have the ability to access and delete the data from the main and back-up storage.

B.

Maintaining customer managed key management and revoking or deleting keys from the key management system to prevent the data from being accessed again.

C.

Practice Integration of Duties (IOD) so that everyone is able to delete the encrypted data.

D.

Keep the keys stored on the client side so that they are secure and so that the users have the ability to delete their own data.

E.

Both B and D.

Buy Now
Questions 10

When deploying Security as a Service in a highly regulated industry or environment, what should both parties agree on in advance and include in the SLA?

Options:

A.

The metrics defining the service level required to achieve regulatory objectives.

B.

The duration of time that a security violation can occur before the client begins assessing regulatory fines.

C.

The cost per incident for security breaches of regulated information.

D.

The regulations that are pertinent to the contract and how to circumvent them.

E.

The type of security software which meets regulations and the number of licenses that will be needed.

Buy Now
Questions 11

Dynamic Application Security Testing (DAST) might be limited or require pre-testing permission from the provider.

Options:

A.

False

B.

True

Buy Now
Questions 12

Which governance domain focuses on proper and adequate incident detection, response, notification, and remediation?

Options:

A.

Data Security and Encryption

B.

Information Governance

C.

Incident Response, Notification and Remediation

D.

Compliance and Audit Management

E.

Infrastructure Security

Buy Now
Questions 13

All cloud services utilize virtualization technologies.

Options:

A.

False

B.

True

Buy Now
Questions 14

When designing an encryption system, you should start with a threat model.

Options:

A.

False

B.

True

Buy Now
Questions 15

Select the statement below which best describes the relationship between identities and attributes

Options:

A.

Attributes belong to entities and identities belong to attributes. Each attribute can have multiple identities but only one entity.

B.

An attribute is a unique object within a database. Each attribute it has a number of identities which help define its parameters.

C.

An identity is a distinct and unique object within a particular namespace. Attributes are properties which belong to an identity. Each identity can have multiple attributes.

D.

Attributes are made unique by their identities.

E.

Identities are the network names given to servers. Attributes are the characteristics of each server.

Buy Now
Questions 16

REST APIs are the standard for web-based services because they run over HTTPS and work well across diverse environments.

Options:

A.

False

B.

True

Buy Now
Exam Code: CCSK
Exam Name: Certificate of Cloud Security Knowledge (v4.0)
Last Update: May 18, 2024
Questions: 110

PDF + Testing Engine

$130
buy now CCSK pdf + testing engine

Testing Engine

$95
buy now CCSK testing engine

PDF (Q&A)

$80
buy now CCSK pdf