CCSK Exam Questions
257 real CCSK exam questions with expert-verified answers and explanations. Page 1 of 6.
- Question #1
All cloud services utilize virtualization technologies.
- Question #2
If there are gaps in network logging data, what can you do?
- Question #3
CCM: In the CCM tool, a _____________________ is a measure that modifies risk and includes any process, policy, device, practice or any other actions which modify risk.
- Question #4
Who is responsible for the security of the physical infrastructure and virtualization platform?
- Question #5
What factors should you understand about the data specifically due to legal, regulatory, and jurisdictional factors?
- Question #6
Which cloud-based service model enables companies to provide client-based access for partners to databases or applications?
- Question #7
CCM: The following list of controls belong to which domain of the CCM? GRM 06 – Policy GRM 07 – Policy Enforcement GRM 08 – Policy Impact on Risk Assessments GRM 09 – Policy Re...
- Question #8
Which attack surfaces, if any, does virtualization technology introduce?
- Question #9
APIs and web services require extensive hardening and must assume attacks from authenticated and unauthenticated adversaries.
- Question #10
Which of the following is NOT a cloud computing characteristic that impacts incident response?
- Question #11
Big data includes high volume, high variety, and high velocity.
- Question #12
CCM: A hypothetical company called 'Health4Sure' is located in the United States and provides cloud-based services for tracking patient health. The company is compliant with HIPAA...
- Question #13
A defining set of rules composed of claims and attributes of the entities in a transaction, which is used to determine their level of access to cloud-based resources is called what...
- Question #14
Cloud applications can use virtual networks and other structures, for hyper-segregated environments.
- Question #15
Your cloud and on-premises infrastructures should always use the same network address ranges.
- Question #16
Which layer is the most important for securing because it is considered to be the foundation for secure cloud operations?
- Question #17
Why is a service type of network typically isolated on different hardware?
- Question #18
Which governance domain deals with evaluating how cloud computing affects compliance with internal security policies and various legal requirements, such as regulatory and legislat...
- Question #19
An important consideration when performing a remote vulnerability test of a cloud-based application is to
- Question #20
Cloud services exhibit five essential characteristics that demonstrate their relation to, and differences from, traditional computing approaches. Which one of the five characterist...
- Question #21
REST APIs are the standard for web-based services because they run over HTTPS and work well across diverse environments.
- Question #22
Which of the following statements are NOT requirements of governance and enterprise risk management in a cloud environment?
- Question #23
What is defined as the process by which an opposing party may obtain private documents for use in litigation?
- Question #24
What item below allows disparate directory services and independent security domains to be interconnected?
- Question #25
Use elastic servers when possible and move workloads to new instances.
- Question #26
To understand their compliance alignments and gaps with a cloud provider, what must cloud customers rely on?
- Question #27
Which of the following is a perceived advantage or disadvantage of managing enterprise risk for cloud deployments?
- Question #28
Which data security control is the LEAST likely to be assigned to an IaaS provider?
- Question #29
How does virtualized storage help avoid data loss if a drive fails?
- Question #30
What is the newer application development methodology and philosophy focused on automation of application development and deployment?
- Question #31
Sending data to a provider's storage over an API is likely much more reliable and secure than setting up your own SFTP server on a VM in the same provider.
- Question #32
Select the best definition of 'compliance' from the options below.
- Question #33
CCM: In the CCM tool, 'Encryption and Key Management' is an example of which of the following?
- Question #34
In volume storage, what method is often used to support resiliency and security?
- Question #35
What is true of security as it relates to cloud network infrastructure?
- Question #36
Which statement best describes the impact of Cloud Computing on business continuity management?
- Question #37
What is known as a code execution environment running within an operating system that shares and uses the resources of the operating system?
- Question #38
Which term is used to describe the use of tools to selectively degrade portions of the cloud to continuously test business continuity?
- Question #39
What is true of companies considering a cloud computing business relationship?
- Question #40
Dynamic Application Security Testing (DAST) might be limited or require pre-testing permission from the provider.
- Question #41
When deploying Security as a Service in a highly regulated industry or environment, what should both parties agree on in advance and include in the SLA?
- Question #42
Which cloud storage technology is basically a virtual hard drive for instances or VMs?
- Question #43
Which of the following items is NOT an example of Security as a Service (SecaaS)?
- Question #44
How is encryption managed on multi-tenant storage?
- Question #45
Which statement best describes why it is important to know how data is being accessed?
- Question #46
What is resource pooling?
- Question #47
Your SLA with your cloud provider ensures continuity for all services.
- Question #48
Which of the following is NOT normally a method for detecting and preventing data migration into the cloud?
- Question #49
In which type of environment is it impractical to allow the customer to conduct their own audit, making it important that the data center operators are required to provide auditing...
- Question #50
ENISA: Lock-in is ranked as a high risk in ENISA research; a key underlying vulnerability causing lock-in is: