[Q21-Q39] Get Prepared for Your CCSK Exam With Actual Cloud Security Alliance Study Guide!


Pass Your Next CCSK Certification Exam Easily & Hassle Free


Cloud Security Alliance CCSK Exam Certification Details:

Sample Questions: Cloud Security Alliance CCSK Sample Questions
Schedule Exam: PEARSON VUE
Duration: 90 minutes
Exam Code: CCSK
Exam Name: CSA Certificate of Cloud Security Knowledge (CCSK Foundation)

 

NEW QUESTION 21
Big data includes high volume, high variety, and high velocity.

  • A. True
  • B. False

Answer: A

 

NEW QUESTION 22
How should an SDLC be modified to address application security in a Cloud Computing environment?

  • A. Integrated development environments
  • B. Just-in-time compilers
  • C. Updated threat and trust models
  • D. No modification is needed
  • E. Both B and C

Answer: A

 

NEW QUESTION 23
How does running applications on distinct virtual networks and only connecting networks as needed help?

  • A. It reduces hardware costs
  • B. It enables you to configure applications around business groups
  • C. It provides dynamic and granular policies with less management overhead
  • D. It locks down access and provides stronger data security
  • E. It reduces the blast radius of a compromised system

Answer: E

 

NEW QUESTION 24
To understand their compliance alignments and gaps with a cloud provider, what must cloud customers rely on?

  • A. Provider and consumer contracts
  • B. Third-party attestations
  • C. Provider-run audits and reports
  • D. EDiscovery tools
  • E. Provider documentation

Answer: B

 

NEW QUESTION 25
Dynamic Application Security Testing (DAST) might be limited or require pre-testing permission from the provider.

  • A. True
  • B. False

Answer: A

 

NEW QUESTION 26
A defining set of rules composed of claims and attributes of the entities in a transaction, which is used to determine their level of access to cloud-based resources, is called what?

  • A. An entry log
  • B. An access log
  • C. A validation process
  • D. A support table
  • E. An entitlement matrix

Answer: C

 

NEW QUESTION 27
What are the primary security responsibilities of the cloud provider in compute virtualizations?

  • A. Enforce isolation and maintain a secure virtualization infrastructure
  • B. Maintain a secure virtualization infrastructure and configure the security settings
  • C. Enforce isolation and monitor and log workloads
  • D. Monitor and log workloads and configure the security settings
  • E. Enforce isolation and configure the security settings

Answer: A

 

NEW QUESTION 28
When Database as a Service is offered on the Platform as a Service (PaaS) model, who is responsible for the security features that need to be applied to the databases?

  • A. Cloud Carrier
  • B. Cloud Access Security Broker (CASB)
  • C. Cloud Service Provider
  • D. Cloud Consumer

Answer: D

Explanation:
This is a tricky question.
When using a Database as a Service, the provider manages fundamental security, patching, and core configuration, while the cloud user is responsible for everything else, including which security features of the database to use, managing accounts, or even authentication methods.
Ref: CSA Security Guidelines v4.0

 

NEW QUESTION 29
Which of the following functions maps to all the phases of the data security life cycle?

  • A. Store
  • B. Read/Access
  • C. Destroy
  • D. Process

Answer: B

Explanation:
Functions: There are three things we can do with a given datum:
- Read. View/read the data, including creating, copying, file transfers, dissemination, and other exchanges of information.
- Process. Perform a transaction on the data; update it; use it in a business processing transaction, etc.
- Store. Hold the data (in a file, database, etc.).

 

NEW QUESTION 30
Sara has a very old application running in her infrastructure. It is difficult to migrate to the cloud.
Instead, she opted to get a new custom application built in the cloud. Which service model should she opt for if the application is going to use a combination of various languages and databases?

  • A. XaaS
  • B. PaaS
  • C. IaaS
  • D. SaaS

Answer: B

Explanation:
It will be best for Sara to use PaaS as the service delivery model, as it will provide multiple hosting environments. Key characteristics of PaaS are:
- Support multiple languages and frameworks
- Multiple hosting environments
- Flexibility (plugins)
- Allow choice and reduce lock-in
- Ability to auto-scale

 

NEW QUESTION 31
Which of the following is not one of the categories of risks as defined in the ENISA (European Network and Information Security Agency) document on Security risk and recommendation?

  • A. Policy and organisational risk
  • B. Environmental Risk
  • C. Technical Risk
  • D. Legal Risk

Answer: B

Explanation:
Environmental Risk is not defined as a category in the ENISA document; however, all the other three are defined as categories.

 

NEW QUESTION 32
Which layer is the most important to secure because it is considered to be the foundation for secure cloud operations?

  • A. Metastructure
  • B. Datastructure
  • C. Applistructure
  • D. Infrastructure
  • E. Infostructure

Answer: D

 

NEW QUESTION 33
Exploitable bugs in programs that attackers can use to infiltrate a computer system for the purpose of stealing data, taking control of the system or disrupting service operations, are called:

  • A. Vulnerabilities
  • B. Threats
  • C. Honeypots
  • D. Threat Agents

Answer: A

Explanation:
It's a definition of System Vulnerability.

 

NEW QUESTION 34
"Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms." Which of the following characteristics does this define?

  • A. Broad network access
  • B. Rapid elasticity
  • C. On-demand self-service
  • D. Resource pooling

Answer: C

 

NEW QUESTION 35
Cloud services exhibit five essential characteristics that demonstrate their relation to, and differences from, traditional computing approaches. Which one of the five characteristics is described as: a consumer can unilaterally provision computing capabilities such as server time and network storage as needed.

  • A. Measured service
  • B. Broad network access
  • C. Rapid elasticity
  • D. On-demand self-service
  • E. Resource pooling

Answer: D

 

NEW QUESTION 36
One of the parts of the STRIDE model is:

  • A. Security
  • B. Denial of Service
  • C. Reputation
  • D. Redundancy

Answer: B

Explanation:
The six components that make up STRIDE are:
1. Spoofing: Attacker assumes identity of subject
2. Tampering: Data or messages altered by an attacker
3. Repudiation: Illegitimate denial of an event
4. Information disclosure: Information obtained without authorization
5. Denial of service: Attacker overloads system to deny legitimate access
6. Elevation of privilege: Attacker gains a privilege level above what is permitted

 

NEW QUESTION 37
In which cloud service model is the customer only responsible for the data?

  • A. IaaS
  • B. CaaS
  • C. SaaS
  • D. PaaS

Answer: C

Explanation:
SaaS is the model in which the customer supplies only the data; in the other models, the customer also supplies the OS, the application, or both.

 

NEW QUESTION 38
Which one of the following is not a risk mitigation strategy?

  • A. Transfer
  • B. Suppression
  • C. Avoidance
  • D. Acceptance

Answer: B

Explanation:
Following are the risk mitigation strategies

 

NEW QUESTION 39
......


Cloud Security Alliance CCSK Exam Syllabus Topics:

Topic: Details
Topic 1
  • Cloud Security Standards and Certifications
  • Information Governance
Topic 2
  • Infrastructure Security
  • Security as a Service
Topic 3
  • Compliance and Audit Management
  • Cloud Computing Concepts and Architectures
Topic 4
  • Application Security
  • Incident Response
  • Related Technologies
Topic 5
  • ENISA Cloud Computing: Benefits, Risks and Recommendations for Information Security

 

Ace CCSK Certification with 112 Actual Questions: https://www.realexamfree.com/CCSK-real-exam-dumps.html

Free Cloud Security Alliance CCSK Exam Question Practice Exams: https://drive.google.com/open?id=1L134QuP5s_ekl4gm1Tlr1VmdGeBQX7ku