nerdexam
CSA

CCSK · Question #202

CCSK Question #202: Real Exam Question with Answer & Explanation

The correct answer is E. Metadata (if available). Legal experts advise cloud providers to protect metadata as secondary information because it can reveal sensitive details about primary customer data even when the data itself is protected.

Question

In addition to preserving primary customer data, legal experts advise cloud providers to protect secondary information such as

Options

  • ADatacenter visitors log
  • BThird party contracts
  • COperating system configuration scripts
  • DDatabases of relevant regulations
  • EMetadata (if available)

Explanation

Legal experts advise cloud providers to protect metadata as secondary information because it can reveal sensitive details about primary customer data even when the data itself is protected.

Common mistakes.

  • A. Datacenter visitor logs are operational security records, not secondary information specifically associated with customer data that legal experts designate for customer data protection.
  • B. Third-party contracts are business agreements between the provider and vendors, not secondary data tied to individual customer datasets.
  • C. Operating system configuration scripts are infrastructure management assets, not data-associated secondary information relevant to customer data protection.
  • D. Regulatory databases are reference materials used by the provider internally, not secondary information generated from or associated with customer data.

Concept tested. Cloud data protection - metadata as legally sensitive secondary data

Reference. https://cloudsecurityalliance.org/research/guidance/

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CCSK Practice
In addition to preserving primary customer data, legal experts... | CCSK Q#202 Answer | NerdExam