Summer Special Flat 65% Limited Time Discount offer - Ends in 0d 00h 00m 00s - Coupon code: suredis

Certensure Logo
  1. Home
  2. Cloud Security Alliance
  3. Cloud Security Knowledge
  4. CCSK - Certificate of Cloud Security Knowledge (v4.0)

Cloud Security Alliance CCSK Certificate of Cloud Security Knowledge (v4.0) Exam Practice Test

Demo: 16 questions
Total 110 questions
Get CCSK Full Access Download CCSK PDF

Certificate of Cloud Security Knowledge (v4.0) Questions and Answers

Question 1

A security failure at the root network of a cloud provider will not compromise the security of all customers because of multitenancy configuration.

Options:

A.

False

B.

True

Question 2

Which of the following is one of the five essential characteristics of cloud computing as defined by NIST?

Options:

A.

Multi-tenancy

B.

Nation-state boundaries

C.

Measured service

D.

Unlimited bandwidth

E.

Hybrid clouds

Question 3

ENISA: Lock-in is ranked as a high risk in ENISA research, a key underlying vulnerability causing lock in is:

Options:

A.

Lack of completeness and transparency in terms of use

B.

Lack of information on jurisdictions

C.

No source escrow agreement

D.

Unclear asset ownership

E.

Audit or certification not available to customers

Question 4

What should every cloud customer set up with its cloud service provider (CSP) that can be utilized in the event of an incident?

Options:

A.

A data destruction plan

B.

A communication plan

C.

A back-up website

D.

A spill remediation kit

E.

A rainy day fund

Question 5

The Software Defined Perimeter (SDP) includes which components?

Options:

A.

Client, Controller, and Gateway

B.

Client, Controller, Firewall, and Gateway

C.

Client, Firewall, and Gateway

D.

Controller, Firewall, and Gateway

E.

Client, Controller, and Firewall

Question 6

CCM: The Cloud Service Delivery Model Applicability column in the CCM indicates the applicability of the cloud security control to which of the following elements?

Options:

A.

Mappings to well-known standards and frameworks

B.

Service Provider or Tenant/Consumer

C.

Physical, Network, Compute, Storage, Application or Data

D.

SaaS, PaaS or IaaS

Question 7

Containers are highly portable code execution environments.

Options:

A.

False

B.

True

Question 8

If there are gaps in network logging data, what can you do?

Options:

A.

Nothing. There are simply limitations around the data that can be logged in the cloud.

B.

Ask the cloud provider to open more ports.

C.

You can instrument the technology stack with your own logging.

D.

Ask the cloud provider to close more ports.

E.

Nothing. The cloud provider must make the information available.

Question 9

Which statement best describes why it is important to know how data is being accessed?

Options:

A.

The devices used to access data have different storage formats.

B.

The devices used to access data use a variety of operating systems and may have different programs installed on them.

C.

The device may affect data dispersion.

D.

The devices used to access data use a variety of applications or clients and may have different security characteristics.

E.

The devices used to access data may have different ownership characteristics.

Question 10

In which type of environment is it impractical to allow the customer to conduct their own audit, making it important that the data center operators are required to provide auditing for the customers?

Options:

A.

Multi-application, single tenant environments

B.

Long distance relationships

C.

Multi-tenant environments

D.

Distributed computing arrangements

E.

Single tenant environments

Question 11

Select the statement below which best describes the relationship between identities and attributes

Options:

A.

Attributes belong to entities and identities belong to attributes. Each attribute can have multiple identities but only one entity.

B.

An attribute is a unique object within a database. Each attribute it has a number of identities which help define its parameters.

C.

An identity is a distinct and unique object within a particular namespace. Attributes are properties which belong to an identity. Each identity can have multiple attributes.

D.

Attributes are made unique by their identities.

E.

Identities are the network names given to servers. Attributes are the characteristics of each server.

Question 12

Which statement best describes the Data Security Lifecycle?

Options:

A.

The Data Security Lifecycle has six stages, is strictly linear, and never varies.

B.

The Data Security Lifecycle has six stages, can be non-linear, and varies in that some data may never pass through all stages.

C.

The Data Security Lifecycle has five stages, is circular, and varies in that some data may never pass through all stages.

D.

The Data Security Lifecycle has six stages, can be non-linear, and is distinct in that data must always pass through all phases.

E.

The Data Security Lifecycle has five stages, can be non-linear, and is distinct in that data must always pass through all phases.

Question 13

What of the following is NOT an essential characteristic of cloud computing?

Options:

A.

Broad Network Access

B.

Measured Service

C.

Third Party Service

D.

Rapid Elasticity

E.

Resource Pooling

Question 14

Which of the following statements are NOT requirements of governance and enterprise risk management in a cloud environment?

Options:

A.

Inspect and account for risks inherited from other members of the cloud supply chain and take active measures to mitigate and contain risks through operational resiliency.

B.

Respect the interdependency of the risks inherent in the cloud supply chain and communicate the corporate risk posture and readiness to consumers and dependent parties.

C.

Negotiate long-term contracts with companies who use well-vetted software application to avoid the transient nature of the cloud environment.

D.

Provide transparency to stakeholders and shareholders demonstrating fiscal solvency and organizational transparency.

E.

Both B and C.

Question 15

APIs and web services require extensive hardening and must assume attacks from authenticated and unauthenticated adversaries.

Options:

A.

False

B.

True

Question 16

Network logs from cloud providers are typically flow records, not full packet captures.

Options:

A.

False

B.

True

Load More CCSK Questions
Demo: 16 questions
Total 110 questions
Get CCSK Full Access Download CCSK PDF