CCSK Practice Exam Questions with Answers Certificate of Cloud Security Knowledge (v4.0) Certification

Question # 6

ENISA: Lock-in is ranked as a high risk in ENISA research, a key underlying vulnerability causing lock in is:

Lack of completeness and transparency in terms of use

Lack of information on jurisdictions

No source escrow agreement

Unclear asset ownership

Audit or certification not available to customers

Full Access

Question # 7

Which opportunity helps reduce common application security issues?

Elastic infrastructure

Default deny

Decreased use of micro-services

Segregation by default

Fewer serverless configurations

Full Access

Question # 8

If in certain litigations and investigations, the actual cloud application or environment itself is relevant to resolving the dispute in the litigation or investigation, how is the information likely to be obtained?

It may require a subpoena of the provider directly

It would require a previous access agreement

It would require an act of war

It would require a previous contractual agreement to obtain the application or access to the environment

It would never be obtained in this situation

Full Access

Question # 9

What is the best way to ensure that all data has been removed from a public cloud environment including all media such as back-up tapes?

Allowing the cloud provider to manage your keys so that they have the ability to access and delete the data from the main and back-up storage.

Maintaining customer managed key management and revoking or deleting keys from the key management system to prevent the data from being accessed again.

Practice Integration of Duties (IOD) so that everyone is able to delete the encrypted data.

Keep the keys stored on the client side so that they are secure and so that the users have the ability to delete their own data.

Both B and D.

Full Access

Question # 10

Which cloud-based service model enables companies to provide client-based access for partners to databases or applications?

Platform-as-a-service (PaaS)

Desktop-as-a-service (DaaS)

Infrastructure-as-a-service (IaaS)

Identity-as-a-service (IDaaS)

Software-as-a-service (SaaS)

Full Access

Question # 11

If the management plane has been breached, you should confirm the templates/configurations for your infrastructure or applications have not also been compromised.

False

True

Full Access

Question # 12

Which concept is a mapping of an identity, including roles, personas, and attributes, to an authorization?

Access control

Federated Identity Management

Authoritative source

Entitlement

Authentication

Full Access

Question # 13

What is defined as the process by which an opposing party may obtain private documents for use in litigation?

Discovery

Custody

Subpoena

Risk Assessment

Scope

Full Access

Question # 14

Dynamic Application Security Testing (DAST) might be limited or require pre-testing permission from the provider.

False

True

Full Access

Question # 15

CCM: In the CCM tool, “Encryption and Key Management” is an example of which of the following?

Risk Impact

Domain

Control Specification

Full Access

Question # 16

CCM: The following list of controls belong to which domain of the CCM?

GRM 06 – Policy GRM 07 – Policy Enforcement GRM 08 – Policy Impact on Risk Assessments GRM 09 – Policy Reviews GRM 10 – Risk Assessments GRM 11 – Risk Management Framework

Governance and Retention Management

Governance and Risk Management

Governing and Risk Metrics

Full Access

Labour Day Special - 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: c4sdisc65

Contact Email:

Crack4sure Logo

Main Navigation

CCSK PDF

$38.5

$109.99

CCSK PDF + Testing Engine

$61.6

$175.99

CCSK Engine

$46.2

$131.99

CCSK Practice Exam Questions with Answers Certificate of Cloud Security Knowledge (v4.0) Certification

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

QUICK LINKS

SUPPORT

PAYMENT METHOD

Site Secure

CONTACT US