Labour Day Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: suredis

Examstrust Logo
examstrust mcafee
  1. Home
  2. Cloud Security Alliance
  3. Cloud Security Knowledge
  4. CCSK - Certificate of Cloud Security Knowledge (v4.0)

Cloud Security Alliance CCSK Certificate of Cloud Security Knowledge (v4.0) Exam Practice Test

Page: 1 / 11
Total 110 questions
Get CCSK Full Access Download CCSK PDF

Certificate of Cloud Security Knowledge (v4.0) Questions and Answers

PDF + Testing Engine

  • Product Type: PDF + Testing Engine
$59.5  $169.99
Add to Cart

Testing Engine

  • Product Type: Testing Engine
$42  $119.99
Add to Cart

PDF Study Guide

  • Product Type: PDF Study Guide
$36.75  $104.99
Add to Cart
Question 1

Which of the following statements is true in regards to Data Loss Prevention (DLP)?

Options:

A.

DLP can provide options for quickly deleting all of the data stored in a cloud environment.

B.

DLP can classify all data in a storage repository.

C.

DLP never provides options for how data found in violation of a policy can be handled.

D.

DLP can provide options for where data is stored.

E.

DLP can provide options for how data found in violation of a policy can be handled.

Question 2

Select the best definition of “compliance” from the options below.

Options:

A.

The development of a routine that covers all necessary security measures.

B.

The diligent habits of good security practices and recording of the same.

C.

The timely and efficient filing of security reports.

D.

The awareness and adherence to obligations, including the assessment and prioritization of corrective actions deemed necessary and appropriate.

E.

The process of completing all forms and paperwork necessary to develop a defensible paper trail.

Question 3

When deploying Security as a Service in a highly regulated industry or environment, what should both parties agree on in advance and include in the SLA?

Options:

A.

The metrics defining the service level required to achieve regulatory objectives.

B.

The duration of time that a security violation can occur before the client begins assessing regulatory fines.

C.

The cost per incident for security breaches of regulated information.

D.

The regulations that are pertinent to the contract and how to circumvent them.

E.

The type of security software which meets regulations and the number of licenses that will be needed.

Question 4

Which opportunity helps reduce common application security issues?

Options:

A.

Elastic infrastructure

B.

Default deny

C.

Decreased use of micro-services

D.

Segregation by default

E.

Fewer serverless configurations

Question 5

CCM: The following list of controls belong to which domain of the CCM?

GRM 06 – Policy GRM 07 – Policy Enforcement GRM 08 – Policy Impact on Risk Assessments GRM 09 – Policy Reviews GRM 10 – Risk Assessments GRM 11 – Risk Management Framework

Options:

A.

Governance and Retention Management

B.

Governance and Risk Management

C.

Governing and Risk Metrics

Question 6

Any given processor and memory will nearly always be running multiple workloads, often from different tenants.

Options:

A.

False

B.

True

Question 7

What method can be utilized along with data fragmentation to enhance security?

Options:

A.

Encryption

B.

Organization

C.

Knowledge management

D.

IDS

E.

Insulation

Question 8

All assets require the same continuity in the cloud.

Options:

A.

False

B.

True

Question 9

What should every cloud customer set up with its cloud service provider (CSP) that can be utilized in the event of an incident?

Options:

A.

A data destruction plan

B.

A communication plan

C.

A back-up website

D.

A spill remediation kit

E.

A rainy day fund

Question 10

ENISA: Lock-in is ranked as a high risk in ENISA research, a key underlying vulnerability causing lock in is:

Options:

A.

Lack of completeness and transparency in terms of use

B.

Lack of information on jurisdictions

C.

No source escrow agreement

D.

Unclear asset ownership

E.

Audit or certification not available to customers

Question 11

If there are gaps in network logging data, what can you do?

Options:

A.

Nothing. There are simply limitations around the data that can be logged in the cloud.

B.

Ask the cloud provider to open more ports.

C.

You can instrument the technology stack with your own logging.

D.

Ask the cloud provider to close more ports.

E.

Nothing. The cloud provider must make the information available.

Question 12

What is defined as the process by which an opposing party may obtain private documents for use in litigation?

Options:

A.

Discovery

B.

Custody

C.

Subpoena

D.

Risk Assessment

E.

Scope

Question 13

When configured properly, logs can track every code, infrastructure, and configuration change and connect it back to the submitter and approver, including the test results.

Options:

A.

False

B.

True

Question 14

In which deployment model should the governance strategy consider the minimum common set of controls comprised of the Cloud Service Provider contract and the organization's internal governance agreements?

Options:

A.

Public

B.

PaaS

C.

Private

D.

IaaS

E.

Hybrid

Question 15

Which of the following statements best defines the "authorization" as a component of identity, entitlement, and access management?

Options:

A.

The process of specifying and maintaining access policies

B.

Checking data storage to make sure it meets compliance requirements

C.

Giving a third party vendor permission to work on your cloud solution

D.

Establishing/asserting the identity to the application

E.

Enforcing the rules by which access is granted to the resources

Question 16

CCM: A hypothetical start-up company called "ABC" provides a cloud based IT management solution. They are growing rapidly and therefore need to put controls in place in order to manage any changes in

their production environment. Which of the following Change Control & Configuration Management production environment specific control should they implement in this scenario?

Options:

A.

Policies and procedures shall be established for managing the risks associated with applying changes to business-critical or customer (tenant)-impacting (physical and virtual) applications and system-

system interface (API) designs and configurations, infrastructure network and systems components.

B.

Policies and procedures shall be established, and supporting business processes and technical measures implemented, to restrict the installation of unauthorized software on organizationally-owned or

managed user end-point devices (e.g. issued workstations, laptops, and mobile devices) and IT infrastructure network and systems components.

C.

All cloud-based services used by the company's mobile devices or BYOD shall be pre-approved for usage and the storage of company business data.

D.

None of the above

Load More CCSK Questions
Page: 1 / 11
Total 110 questions
Get CCSK Full Access Download CCSK PDF