[Jan 18, 2022] Latest Cloud Security Alliance CCSK Exam Practice Test To Gain Brilliant Result [Q70-Q91]


Take a Leap Forward in Your Career by Earning Cloud Security Alliance CCSK


How to book the Certificate of Cloud Security Knowledge (CCSK) Exam

Follow the steps below to book the CCSK exam:

  • Step 1: Access the Cloud Security Alliance’s website by clicking here
  • Step 2: Click the “Login to buy” button
  • Step 3: On the page that appears, create your account
  • Step 4: Select your exam and purchase the exam token
  • Step 5: After payment, follow the steps to schedule the exam

 

NEW QUESTION 70
One of the main reasons for, and advantages of, having an external audit is:

  • A. It's cheaper
  • B. Better tools used by external provider
  • C. It's independent
  • D. Internal staff is less qualified than external auditors.

Answer: C

Explanation:
All other answers are distractors. One of the primary reasons for doing external auditing is the independence of the auditors.

 

NEW QUESTION 71
What is the newer application development methodology and philosophy focused on automation of application development and deployment?

  • A. Agile
  • B. SecDevOps
  • C. DevOps
  • D. BusOps
  • E. Scrum

Answer: C

 

NEW QUESTION 72
Which of the following is NOT one of the essential characteristics as defined by NIST?

  • A. On-demand self service
  • B. Resource Sharing
  • C. Rapid Elasticity
  • D. Resource Pooling

Answer: D

Explanation:
All others are characteristics as defined by NIST.

 

NEW QUESTION 73
Like security and compliance, BC/DR is not a shared responsibility.

  • A. True
  • B. False

Answer: A

Explanation:
This is True
Like security and compliance, BC/DR is a shared responsibility. There are aspects that the cloud provider has to manage, but the cloud customer is also ultimately responsible for how they use and manage the cloud service. This is especially true when planning for outages of the cloud provider (or parts of the cloud provider's service).
Reference: CSA Security Guidelines V.4 (reproduced here for the educational purpose)

 

NEW QUESTION 74
The granting of the right of access to a user, program, or process is called:

  • A. Authorization
  • B. RBAC
  • C. Authentication
  • D. Entitlement

Answer: A

Explanation:
Authorization is the process of granting the right of access to a user, program, or process. It should not be confused with authentication.

 

NEW QUESTION 75
Sending data to a provider's storage over an API is likely much more reliable and secure than setting up your own SFTP server on a VM in the same provider.

  • A. True
  • B. False

Answer: A

 

NEW QUESTION 76
Who is responsible for infrastructure security in the Software as a Service (SaaS) service model?

  • A. Cloud Customer
  • B. It's a shared responsibility between Cloud Service Provider and Cloud Customer
  • C. Cloud Service Provider
  • D. Cloud Carrier

Answer: C

Explanation:
The Cloud Service Provider is responsible for infrastructure in the Software as a Service (SaaS) service model.

 

NEW QUESTION 77
Which of the following standards defines the "Application Security Management Process" (ASMP)?

  • A. ISO 27036-1
  • B. ISO 27038-1
  • C. ISO 27032-1
  • D. ISO 27034-1

Answer: D

Explanation:
The International Organization for Standardization (ISO) has developed and published ISO/IEC 27034-1, "Information Technology - Security Techniques - Application Security". ISO/IEC 27034-1 defines concepts, frameworks, and processes to help organizations integrate security within their software development lifecycle.

 

NEW QUESTION 78
Code execution environments that run within an operating system, sharing and leveraging resources of that operating system, are called:

  • A. Instance
  • B. Virtual Machine
  • C. Sandbox
  • D. Container

Answer: D

Explanation:
Containers are code execution environments that run within an operating system (for now), sharing and leveraging resources of that operating system. While a VM is a full abstraction of an operating system, a container is a constrained place to run segregated processes while still utilizing the kernel and other capabilities of the base OS. Multiple containers can run on the same virtual machine or be implemented without the use of VMs at all and run directly on hardware.
Reference: CSA Security Guidelines V.4 (reproduced here for the educational purpose)

 

NEW QUESTION 79
Database as a Service is an example of:

  • A. Software as a Service (SaaS)
  • B. Program as a Service (PaaS)
  • C. Platform as a Service (PaaS)
  • D. Infrastructure as a Service (IaaS)

Answer: C

Explanation:
One option, frequently seen in the real world and illustrated in our model, is to build a platform on top of IaaS. A layer of integration and middleware is built on IaaS, then pooled together, orchestrated, and exposed to customers using APIs as PaaS. For example, a Database as a Service could be built by deploying modified database management system software on instances running in IaaS. The customer manages the database via API (and a web console) and accesses it either through the normal database network protocols, or, again, via API.
Ref: CSA Security Guidelines V4.0

 

NEW QUESTION 80
Stopping a function to control further risk to business is called:

  • A. Acceptance
  • B. Mitigation
  • C. Avoidance
  • D. Transference

Answer: C

Explanation:
Risk avoidance is the practice of coming up with alternatives so that the risk in question is not realised.

 

NEW QUESTION 81
Who is responsible for the safe custody, transport, data storage, and implementation of business rules in relation to privacy?

  • A. Data custodian
  • B. Data owner
  • C. Data processor
  • D. Data controller

Answer: A

Explanation:
Data custodians are responsible for the safe custody, transport, data storage, and implementation of business rules.

 

NEW QUESTION 82
A unit of processing, which can be in a virtual machine, a container, or other abstraction, and which always runs somewhere on a processor and consumes memory, is called:

  • A. Controller
  • B. Host
  • C. Device
  • D. Workload

Answer: D

Explanation:
A workload is a unit of processing, which can be in a virtual machine, a container, or other abstraction. Workloads always run somewhere on a processor and consume memory. Workloads include a very diverse range of processing tasks, which range from traditional applications running in a virtual machine on a standard operating system, to GPU- or FPGA-based specialized tasks.
Reference: CSA Security Guidelines V.4 (reproduced here for the educational purpose)

 

NEW QUESTION 83
Which provides guidelines for organizational information security standards including the selection, implementation, and management of controls taking into consideration the organization's information security risk environments?

  • A. ISO 27001
  • B. ISO 27002
  • C. FIPS 140-2
  • D. NIST 800-9

Answer: B

Explanation:
ISO 27002 is a standard which provides a detailed description of security controls and how they need to be implemented to provide an effective ISMS.

 

NEW QUESTION 84
As we move from the Software as a Service model towards the Infrastructure as a Service model, the security responsibility of the cloud consumer decreases relative to that of the Cloud Service Provider.

  • A. True
  • B. False

Answer: B

Explanation:
The answer is False. This is a very tricky question and it has to be read and understood well before answering.
It is always the other way around. The cloud consumer's security responsibility increases when you move from the Software as a Service model to the Infrastructure as a Service model.

 

NEW QUESTION 85
ISO 27001 certification can be taken as proof to achieve the third-party assessment level in the CSA STAR program.

  • A. True
  • B. False

Answer: A

Explanation:
The CSA STAR Certification is a rigorous third-party independent assessment of the security of a cloud service provider. The technology-neutral certification leverages the requirements of the ISO/IEC 27001:2013 management system standard together with the CSA Cloud Controls Matrix.

 

NEW QUESTION 86
A private cloud can be managed by a third party who may not be part of the organization served by that private cloud.

  • A. True
  • B. False

Answer: A

Explanation:
This is true.
This is a tricky question that you should look into carefully. The main purpose of a private cloud is use by one organization, but it can be managed by a third party as well.
Definition: Private cloud
According to NIST, "the cloud infrastructure is provisioned for exclusive use by a single organisation comprising multiple consumers (e.g., business units). It may be owned, managed, and operated by the organisation, a third party or some combination of them, and it may exist on or off premises."

 

NEW QUESTION 87
CCM: In the CCM tool, "Encryption and Key Management" is an example of which of the following?

  • A. Domain
  • B. Control Specification
  • C. Risk Impact

Answer: A

 

NEW QUESTION 88
What is resource pooling?

  • A. The dedicated computing resources of each client are pooled together in a colocation facility.
  • B. Placing Internet ("cloud") data centers near multiple sources of energy, such as hydroelectric dams.
  • C. The provider's computing resources are pooled to serve multiple consumers.
  • D. None of the above.
  • E. Internet-based CPUs are pooled to enable multi-threading.

Answer: C

 

NEW QUESTION 89
One of the primary benefits of the cloud is the ability to perform dynamic allocation of physical resources when required. The most common approach is a multi-tenant environment. However, it increases the risk of disclosure of customer data. This can happen because of which of the following?

  • A. Tenancy termination
  • B. Increased DDoS
  • C. Isolation Failure
  • D. No disaster recovery plan

Answer: C

Explanation:
All resources allocated to a particular tenant should be "isolated" and protected to avoid disclosure of information to other tenants. For example, when allocated storage is no longer needed by a client it can be freely reallocated to another enterprise. In that case, sensitive data could be disclosed if the storage has not been scrubbed thoroughly (e.g., using forensic software).

 

NEW QUESTION 90
Cloud services exhibit five essential characteristics that demonstrate their relation to, and differences from, traditional computing approaches. Which one of the five characteristics is described as: a consumer can unilaterally provision computing capabilities such as server time and network storage as needed.

  • A. Measured service
  • B. On-demand self-service
  • C. Resource pooling
  • D. Rapid elasticity
  • E. Broad network access

Answer: B

 

NEW QUESTION 91
......

Authentic Best resources for CCSK Online Practice Exam: https://www.exams4collection.com/CCSK-latest-braindumps.html

Updates Up to 365 days On Developing CCSK Braindumps: https://drive.google.com/open?id=1orI89OoP0ez-yys_nkvoRjyWQTXjlpuD