CCSK Exam Questions

What is the best way to ensure that all data has been removed from a public cloud environment including all media such as back-up tapes?

ENISA: A reason for risk concerns of a cloud provider being acquired is:

Which communication methods within a cloud environment must be exposed for partners or consumers to access database information using a web application?

A cloud deployment of two or more unique clouds is known as:

ENISA: Which is not one of the five key legal issues common across all scenarios:

ENISA: An example high risk role for malicious insiders within a Cloud Provider includes

What are the primary security responsibilities of the cloud provider in the management infrastructure?

What is true of a workload?

ENISA: Which is a potential security benefit of cloud computing?

The Software Defined Perimeter (SDP) includes which components?

A security failure at the root network of a cloud provider will not compromise the security of all customers because of multitenancy configuration.

When investigating an incident in an Infrastructure as a Service (IaaS) environment, what can the user investigate on their own?

If in certain litigations and investigations, the actual cloud application or environment itself is relevant to resolving the dispute in the litigation or investigation, how is the...

The containment phase of the incident response lifecycle requires taking systems offline.

What are the primary security responsibilities of the cloud provider in compute virtualizations?

CCM: A company wants to use the IaaS offering of some CSP. Which of the following options for using CCM is NOT suitable for the company as a cloud customer?

If the management plane has been breached, you should confirm the templates/configurations for your infrastructure or applications have not also been compromised.

CCM: A hypothetical start-up company called "ABC" provides a cloud based IT management solution. They are growing rapidly and therefore need to put controls in place in order to ma...

Containers are highly portable code execution environments.

Which statement best describes the Data Security Lifecycle?

Which of the following encryption methods would be utilized when object storage is used as the back-end for an application?

In the Software-as-a-service relationship, who is responsible for the majority of the security?

What method can be utilized along with data fragmentation to enhance security?

Which of the following statements best defines the "authorization" as a component of identity, entitlement, and access management?

How can web security as a service be deployed for a cloud consumer?

When configured properly, logs can track every code, infrastructure, and configuration change and connect it back to the submitter and approver, including the test results.

What of the following is NOT an essential characteristic of cloud computing?

Without virtualization, there is no cloud.

All assets require the same continuity in the cloud.

Which type of application security testing tests running applications and includes tests such as web vulnerability testing and fuzzing?

CCM: The Cloud Service Delivery Model Applicability column in the CCM indicates the applicability of the cloud security control to which of the following elements?

Any given processor and memory will nearly always be running multiple workloads, often from different tenants.

In which deployment model should the governance strategy consider the minimum common set of controls comprised of the Cloud Service Provider contract and the organization's interna...

What is known as the interface used to connect with the metastructure and configure the cloud environment?

What does it mean if the system or environment is built automatically from a template?

Which type of application security testing involves manual activity that is not necessarily integrated into automated testing?

Which meta-phase does the Cloud Security Alliance use to focus on the security and testing activities when moving code from an isolated development environment to production?

Even with immutable infrastructures, the production environment, should be actively monitored for changes and deviations from approved baselines.

Highly regulated industries such as finance and health care should consider the impact of cloud providers operating in diverse geographic locations and ______________.

The key concern of data location is:

ENISA: Licensing Risks refer to:

Which architecture for hybrid cloud connectivity allows you to connect multiple, different cloud networks to a data center using a single hybrid connection?

CCM: Which of the following statement about CSA's CCM and Security Guidance is False?

What are the barriers to developing full confidence in security as a service (SecaaS)?

Of the choices below which option allows for the most interoperability in security authentication in a cloud environment?

The key concern of data backup and recovery schemes is:

Which regulation affects data controllers with business in Japan?

Which component is a key part of software container systems?

CCM: What is the role of the Scope Applicability column in the CCM?

When considering business continuity and disaster recovery with a cloud provider, which layer of the logical stack includes code and message queues?