ExamGecko
Login
Home / CSA - Cloud Security Alliance / CCSK / List of questions
Ask Question

CSA - Cloud Security Alliance CCSK Practice Test - Questions Answers

List of questions

Question 1

Report Export Collapse

All cloud services utilize virtualization technologies.

False
False
True
True
Suggested answer: B
asked 16/09/2024
JULIUS BALNEG
42 questions

Question 2

Report Export Collapse

If there are gaps in network logging data, what can you do?

Nothing. There are simply limitations around the data that can be logged in the cloud.
Nothing. There are simply limitations around the data that can be logged in the cloud.
Ask the cloud provider to open more ports.
Ask the cloud provider to open more ports.
You can instrument the technology stack with your own logging.
You can instrument the technology stack with your own logging.
Ask the cloud provider to close more ports.
Ask the cloud provider to close more ports.
Nothing. The cloud provider must make the information available.
Nothing. The cloud provider must make the information available.
Suggested answer: C
asked 16/09/2024
Edwin Daneel
35 questions

Question 3

Report Export Collapse

CCM: In the CCM tool, ais a measure that modifies risk and includes any process, policy, device, practice or any other actions which modify risk.

Risk Impact
Risk Impact
Domain
Domain
Control Specification
Control Specification
Suggested answer: C
asked 16/09/2024
Akash Makkar
42 questions

Question 4

Report Export Collapse

Who is responsible for the security of the physical infrastructure and virtualization platform?

The cloud consumer
The cloud consumer
The majority is covered by the consumer
The majority is covered by the consumer
It depends on the agreement
It depends on the agreement
The responsibility is split equally
The responsibility is split equally
The cloud provider
The cloud provider
Suggested answer: E
asked 16/09/2024
javier mungaray
43 questions

Question 5

Report Export Collapse

What factors should you understand about the data specifically due to legal, regulatory, and jurisdictional factors?

The physical location of the data and how it is accessed
The physical location of the data and how it is accessed
The fragmentation and encryption algorithms employed
The fragmentation and encryption algorithms employed
The language of the data and how it affects the user
The language of the data and how it affects the user
The implications of storing complex information on simple storage systems
The implications of storing complex information on simple storage systems
The actual size of the data and the storage format
The actual size of the data and the storage format
Suggested answer: D
asked 16/09/2024
mr Craig Ferguson
39 questions

Question 6

Report Export Collapse

Which cloud-based service model enables companies to provide client-based access for partners to databases or applications?

Platform-as-a-service (PaaS)
Platform-as-a-service (PaaS)
Desktop-as-a-service (DaaS)
Desktop-as-a-service (DaaS)
Infrastructure-as-a-service (IaaS)
Infrastructure-as-a-service (IaaS)
Identity-as-a-service (IDaaS)
Identity-as-a-service (IDaaS)
Software-as-a-service (SaaS)
Software-as-a-service (SaaS)
Suggested answer: A
asked 16/09/2024
Johan Wu
30 questions

Question 7

Report Export Collapse

CCM: The following list of controls belong to which domain of the CCM?

GRM 06 – Policy

GRM 07 – Policy Enforcement

GRM 08 – Policy Impact on Risk Assessments

GRM 09 – Policy Reviews

GRM 10 – Risk Assessments

GRM 11 – Risk Management Framework

Governance and Retention Management
Governance and Retention Management
Governance and Risk Management
Governance and Risk Management
Governing and Risk Metrics
Governing and Risk Metrics
Suggested answer: B
asked 16/09/2024
Jarod Simmons
45 questions

Question 8

Report Export Collapse

Which attack surfaces, if any, does virtualization technology introduce?

The hypervisor
The hypervisor
Virtualization management components apart from the hypervisor
Virtualization management components apart from the hypervisor
Configuration and VM sprawl issues
Configuration and VM sprawl issues
All of the above
All of the above
Suggested answer: D
asked 16/09/2024
Krzysztof Dyrdal
50 questions

Question 9

Report Export Collapse

APIs and web services require extensive hardening and must assume attacks from authenticated and unauthenticated adversaries.

False
False
True
True
Suggested answer: B
asked 16/09/2024
Ali Alaqoul
39 questions

Question 10

Report Export Collapse

Which of the following is NOT a cloud computing characteristic that impacts incidence response?

The on demand self-service nature of cloud computing environments.
The on demand self-service nature of cloud computing environments.
Privacy concerns for co-tenants regarding the collection and analysis of telemetry and artifacts associated with an incident.
Privacy concerns for co-tenants regarding the collection and analysis of telemetry and artifacts associated with an incident.
The possibility of data crossing geographic or jurisdictional boundaries.
The possibility of data crossing geographic or jurisdictional boundaries.
Object-based storage in a private cloud.
Object-based storage in a private cloud.
The resource pooling practiced by cloud services, in addition to the rapid elasticity offered by cloud infrastructures.
The resource pooling practiced by cloud services, in addition to the rapid elasticity offered by cloud infrastructures.
Suggested answer: B
asked 16/09/2024
Aung Aung Myo Myint
47 questions
Total 260 questions
Go to page: of 26
Open VPLUS File
Convert VPLUS to PDF

Related questions

What is a potential concern of using Security-as-a-Service (SecaaS)?
REST APIs are the standard for web-based services because they run over HTTPS and work wellacross diverse environments.
Which of the following statements best describes an identity federation?
Containers are highly portable code execution environments.
What are the primary security responsibilities of the cloud provider in compute virtualizations?
Which cloud security model type provides generalized templates for helping implement cloud security?
What is the best way to ensure that all data has been removed from a public cloud environment including all media such as back-up tapes?
ENISA: “VM hopping” is:
All cloud services utilize virtualization technologies.
In the cloud provider and consumer relationship, which entity manages the virtual or abstracted infrastructure?