CSA - Cloud Security Alliance CCSK Practice Test - Questions Answers, Page 2

CCM: A hypothetical company called: “Health4Sure” is located in the United States and provides cloud based services for tracking patient health. The company is compliant with HIPAA/HITECH Act among other industry standards. Health4Sure decides to assess the overall security of their cloud service against the CCM toolkit so that they will be able to present this document to potential clients. Which of the following approach would be most suitable to assess the overall security posture of Health4Sure’s cloud service?

A defining set of rules composed of claims and attributes of the entities in a transaction, which is used to determine their level of access to cloud-based resources is called what?

Cloud applications can use virtual networks and other structures, for hyper-segregated environments.

Your cloud and on-premises infrastructures should always use the same network address ranges.

Which layer is the most important for securing because it is considered to be the foundation for secure cloud operations?

Why is a service type of network typically isolated on different hardware?

Which governance domain deals with evaluating how cloud computing affects compliance with internal security policies and various legal requirements, such as regulatory and legislative?

An important consideration when performing a remote vulnerability test of a cloud-based application is to

Cloud services exhibit five essential characteristics that demonstrate their relation to, and differences from, traditional computing approaches. Which one of the five characteristics is described as: a consumer can unilaterally provision computing capabilities such as server time and network storage as needed.