
CCSK Sample Questions Answers

Questions 4

The Software Defined Perimeter (SDP) includes which components?

Options:

A. Client, Controller, and Gateway

B. Client, Controller, Firewall, and Gateway

C. Client, Firewall, and Gateway

D. Controller, Firewall, and Gateway

E. Client, Controller, and Firewall

Questions 5

In the cloud provider and consumer relationship, which entity manages the virtual or abstracted infrastructure?

Options:

A. Only the cloud consumer

B. Only the cloud provider

C. Both the cloud provider and consumer

D. It is determined in the agreement between the entities

E. It is outsourced as per the entity agreement

Questions 6

What type of information is contained in the Cloud Security Alliance's Cloud Control Matrix?

Options:

A. Network traffic rules for cloud environments

B. A number of requirements to be implemented, based upon numerous standards and regulatory requirements

C. Federal legal business requirements for all cloud operators

D. A list of cloud configurations including traffic logic and efficient routes

E. The command and control management hierarchy of a typical cloud company

Questions 7

Select the statement below which best describes the relationship between identities and attributes

Options:

A. Attributes belong to entities and identities belong to attributes. Each attribute can have multiple identities but only one entity.

B. An attribute is a unique object within a database. Each attribute has a number of identities which help define its parameters.

C. An identity is a distinct and unique object within a particular namespace. Attributes are properties which belong to an identity. Each identity can have multiple attributes.

D. Attributes are made unique by their identities.

E. Identities are the network names given to servers. Attributes are the characteristics of each server.

Questions 8

An important consideration when performing a remote vulnerability test of a cloud-based application is to

Options:

A. Obtain provider permission for test

B. Use techniques to evade cloud provider’s detection systems

C. Use application layer testing tools exclusively

D. Use network layer testing tools exclusively

E. Schedule vulnerability test at night

Questions 9

When configured properly, logs can track every code, infrastructure, and configuration change and connect it back to the submitter and approver, including the test results.

Options:

A. False

B. True

Questions 10

What are the encryption options available for SaaS consumers?

Options:

A. Any encryption option that is available for volume storage, object storage, or PaaS

B. Provider-managed and (sometimes) proxy encryption

C. Client/application and file/folder encryption

D. Object encryption Volume storage encryption

Questions 11

Which statement best describes the Data Security Lifecycle?

Options:

A. The Data Security Lifecycle has six stages, is strictly linear, and never varies.

B. The Data Security Lifecycle has six stages, can be non-linear, and varies in that some data may never pass through all stages.

C. The Data Security Lifecycle has five stages, is circular, and varies in that some data may never pass through all stages.

D. The Data Security Lifecycle has six stages, can be non-linear, and is distinct in that data must always pass through all phases.

E. The Data Security Lifecycle has five stages, can be non-linear, and is distinct in that data must always pass through all phases.

Questions 12

What is known as the interface used to connect with the metastructure and configure the cloud environment?

Options:

A. Administrative access

B. Management plane

C. Identity and Access Management

D. Single sign-on

E. Cloud dashboard

Questions 13

CCM: The Architectural Relevance column in the CCM indicates the applicability of the cloud security control to which of the following elements?

Options:

A. Service Provider or Tenant/Consumer

B. Physical, Network, Compute, Storage, Application or Data

C. SaaS, PaaS or IaaS

Questions 14

Your SLA with your cloud provider ensures continuity for all services.

Options:

A. False

B. True

Questions 15

Which concept is a mapping of an identity, including roles, personas, and attributes, to an authorization?

Options:

A. Access control

B. Federated Identity Management

C. Authoritative source

D. Entitlement

E. Authentication

Questions 16

How can web security as a service be deployed for a cloud consumer?

Options:

A. By proxying or redirecting web traffic to the cloud provider

B. By utilizing a partitioned network drive

C. On the premise through a software or appliance installation

D. Both A and C

E. None of the above

Questions 17

Which of the following statements are NOT requirements of governance and enterprise risk management in a cloud environment?

Options:

A. Inspect and account for risks inherited from other members of the cloud supply chain and take active measures to mitigate and contain risks through operational resiliency.

B. Respect the interdependency of the risks inherent in the cloud supply chain and communicate the corporate risk posture and readiness to consumers and dependent parties.

C. Negotiate long-term contracts with companies who use well-vetted software application to avoid the transient nature of the cloud environment.

D. Provide transparency to stakeholders and shareholders demonstrating fiscal solvency and organizational transparency.

E. Both B and C.

Questions 18

Any given processor and memory will nearly always be running multiple workloads, often from different tenants.

Options:

A. False

B. True

Questions 19

Which of the following statements best describes an identity federation?

Options:

A. A library of data definitions

B. A group of entities which have decided to exist together in a single cloud

C. Identities which share similar attributes

D. Several countries which have agreed to define their identities with similar attributes

E. The connection of one identity repository to another

Questions 20

Which layer is the most important for securing because it is considered to be the foundation for secure cloud operations?

Options:

A. Infrastructure

B. Datastructure

C. Infostructure

D. Applistructure

E. Metastructure

Questions 21

Which of the following is NOT a cloud computing characteristic that impacts incident response?

Options:

A. The on demand self-service nature of cloud computing environments.

B. Privacy concerns for co-tenants regarding the collection and analysis of telemetry and artifacts associated with an incident.

C. The possibility of data crossing geographic or jurisdictional boundaries.

D. Object-based storage in a private cloud.

E. The resource pooling practiced by cloud services, in addition to the rapid elasticity offered by cloud infrastructures.

Questions 22

Which of the following statements best defines the "authorization" as a component of identity, entitlement, and access management?

Options:

A. The process of specifying and maintaining access policies

B. Checking data storage to make sure it meets compliance requirements

C. Giving a third party vendor permission to work on your cloud solution

D. Establishing/asserting the identity to the application

E. Enforcing the rules by which access is granted to the resources

Questions 23

Without virtualization, there is no cloud.

Options:

A. False

B. True

Questions 24

How does running applications on distinct virtual networks and only connecting networks as needed help?

Options:

A. It reduces hardware costs

B. It provides dynamic and granular policies with less management overhead

C. It locks down access and provides stronger data security

D. It reduces the blast radius of a compromised system

E. It enables you to configure applications around business groups

Questions 25

What is true of security as it relates to cloud network infrastructure?

Options:

A. You should apply cloud firewalls on a per-network basis.

B. You should deploy your cloud firewalls identical to the existing firewalls.

C. You should always open traffic between workloads in the same virtual subnet for better visibility.

D. You should implement a default allow with cloud firewalls and then restrict as necessary.

E. You should implement a default deny with cloud firewalls.

Questions 26

Which data security control is the LEAST likely to be assigned to an IaaS provider?

Options:

A. Application logic

B. Access controls

C. Encryption solutions

D. Physical destruction

E. Asset management and tracking

Questions 27

When designing an encryption system, you should start with a threat model.

Options:

A. False

B. True

Questions 28

What method can be utilized along with data fragmentation to enhance security?

Options:

A. Encryption

B. Organization

C. Knowledge management

D. IDS

E. Insulation

Questions 29

Which cloud-based service model enables companies to provide client-based access for partners to databases or applications?

Options:

A. Platform-as-a-service (PaaS)

B. Desktop-as-a-service (DaaS)

C. Infrastructure-as-a-service (IaaS)

D. Identity-as-a-service (IDaaS)

E. Software-as-a-service (SaaS)

Questions 30

If in certain litigations and investigations, the actual cloud application or environment itself is relevant to resolving the dispute in the litigation or investigation, how is the information likely to be obtained?

Options:

A. It may require a subpoena of the provider directly

B. It would require a previous access agreement

C. It would require an act of war

D. It would require a previous contractual agreement to obtain the application or access to the environment

E. It would never be obtained in this situation

Questions 31

Which type of application security testing tests running applications and includes tests such as web vulnerability testing and fuzzing?

Options:

A. Code Review

B. Static Application Security Testing (SAST)

C. Unit Testing

D. Functional Testing

E. Dynamic Application Security Testing (DAST)

Questions 32

When investigating an incident in an Infrastructure as a Service (IaaS) environment, what can the user investigate on their own?

Options:

A. The CSP server facility

B. The logs of all customers in a multi-tenant cloud

C. The network components controlled by the CSP

D. The CSP office spaces

E. Their own virtual instances in the cloud

Questions 33

Audits should be robustly designed to reflect best practice, appropriate resources, and tested protocols and standards. They should also use what type of auditors?

Options:

A. Auditors working in the interest of the cloud customer

B. Independent auditors

C. Certified by CSA

D. Auditors working in the interest of the cloud provider

E. None of the above

Questions 34

When deploying Security as a Service in a highly regulated industry or environment, what should both parties agree on in advance and include in the SLA?

Options:

A. The metrics defining the service level required to achieve regulatory objectives.

B. The duration of time that a security violation can occur before the client begins assessing regulatory fines.

C. The cost per incident for security breaches of regulated information.

D. The regulations that are pertinent to the contract and how to circumvent them.

E. The type of security software which meets regulations and the number of licenses that will be needed.

Questions 35

In which type of environment is it impractical to allow the customer to conduct their own audit, making it important that the data center operators are required to provide auditing for the customers?

Options:

A. Multi-application, single tenant environments

B. Long distance relationships

C. Multi-tenant environments

D. Distributed computing arrangements

E. Single tenant environments

Exam Code: CCSK
Exam Name: Certificate of Cloud Security Knowledge (v4.0)
Last Update: Oct 9, 2024
Questions: 117