CSA Cert CCSK Certificate of Cloud Security Knowledge Online Training
The questions for CCSK were last updated on Nov 19, 2024.
- Exam Code: CCSK
- Exam Name: Certificate of Cloud Security Knowledge
- Certification Provider: CSA Cert
- Latest update: Nov 19, 2024
ENISA: Lock-in is ranked as a high risk in ENISA research. A key underlying vulnerability causing lock-in is:
- A . Lack of completeness and transparency in terms of use
- B . Lack of information on jurisdictions
- C . No source escrow agreement
- D . Unclear asset ownership
- E . Audit or certification not available to customers
REST APIs are the standard for web-based services because they run over HTTPS and work well across diverse environments.
- A . False
- B . True
ENISA: Which is a potential security benefit of cloud computing?
- A . More efficient and timely system updates
- B . ISO 27001 certification
- C . Provider can obfuscate system O/S and versions
- D . Greater compatibility with customer IT infrastructure
- E . Lock-In
Sending data to a provider’s storage over an API is likely much more reliable and secure than setting up your own SFTP server on a VM in the same provider.
- A . False
- B . True
ENISA: An example high-risk role for malicious insiders within a cloud provider includes:
- A . Sales
- B . Marketing
- C . Legal counsel
- D . Auditors
- E . Accounting
Which of the following is NOT a cloud computing characteristic that impacts incident response?
- A . The on-demand self-service nature of cloud computing environments.
- B . Privacy concerns for co-tenants regarding the collection and analysis of telemetry and artifacts associated with an incident.
- C . The possibility of data crossing geographic or jurisdictional boundaries.
- D . Object-based storage in a private cloud.
- E . The resource pooling practiced by cloud services, in addition to the rapid elasticity offered by cloud infrastructures.
Which of the following statements are NOT requirements of governance and enterprise risk management in a cloud environment?
- A . Inspect and account for risks inherited from other members of the cloud supply chain and take active measures to mitigate and contain risks through operational resiliency.
- B . Respect the interdependency of the risks inherent in the cloud supply chain and communicate the corporate risk posture and readiness to consumers and dependent parties.
- C . Negotiate long-term contracts with companies who use well-vetted software applications to avoid the transient nature of the cloud environment.
- D . Provide transparency to stakeholders and shareholders demonstrating fiscal solvency and organizational transparency.
- E . Both B and C.
In the Software-as-a-service relationship, who is responsible for the majority of the security?
- A . Application Consumer
- B . Database Manager
- C . Application Developer
- D . Cloud Provider
- E . Web Application CISO
What is true of companies considering a cloud computing business relationship?
- A . The laws protecting customer data are based on the cloud provider and customer location only.
- B . The confidentiality agreements between companies using cloud computing services are limited legally to the company, not the provider.
- C . The companies using the cloud providers are the custodians of the data entrusted to them.
- D . The cloud computing companies are absolved of all data security and associated risks through contracts and data laws.
- E . The cloud computing companies own all customer data.