ExamGecko
Login
Home / CSA - Cloud Security Alliance / CCSK / List of questions
Ask Question

CSA - Cloud Security Alliance CCSK Practice Test - Questions Answers, Page 4

List of questions

Question 31

Report Export Collapse

Sending data to a provider’s storage over an API is likely as much more reliable and secure than setting up your own SFTP server on a VM in the same provider

False
False
True
True
Suggested answer: B
asked 16/09/2024
Brad Mateski
44 questions

Question 32

Report Export Collapse

What is true of searching data across cloud environments?

You might not have the ability or administrative rights to search or access all hosted data.
You might not have the ability or administrative rights to search or access all hosted data.
The cloud provider must conduct the search with the full administrative controls.
The cloud provider must conduct the search with the full administrative controls.
All cloud-hosted email accounts are easily searchable.
All cloud-hosted email accounts are easily searchable.
Search and discovery time is always factored into a contract between the consumer and provider.
Search and discovery time is always factored into a contract between the consumer and provider.
You can easily search across your environment using any E-Discovery tool.
You can easily search across your environment using any E-Discovery tool.
Suggested answer: A
asked 16/09/2024
Aleksandar Jovasevic
52 questions

Question 33

Report Export Collapse

How does running applications on distinct virtual networks and only connecting networks as needed help?

It reduces hardware costs
It reduces hardware costs
It provides dynamic and granular policies with less management overhead
It provides dynamic and granular policies with less management overhead
It locks down access and provides stronger data security
It locks down access and provides stronger data security
It reduces the blast radius of a compromised system
It reduces the blast radius of a compromised system
It enables you to configure applications around business groups
It enables you to configure applications around business groups
Suggested answer: D
asked 16/09/2024
Derek Steven Schulte
47 questions

Question 34

Report Export Collapse

How can virtual machine communications bypass network security controls?

VM communications may use a virtual network on the same hardware host
VM communications may use a virtual network on the same hardware host
The guest OS can invoke stealth mode
The guest OS can invoke stealth mode
Hypervisors depend upon multiple network interfaces
Hypervisors depend upon multiple network interfaces
VM images can contain rootkits programmed to bypass firewalls
VM images can contain rootkits programmed to bypass firewalls
Most network security systems do not recognize encrypted VM traffic
Most network security systems do not recognize encrypted VM traffic
Suggested answer: A
asked 16/09/2024
Adriano Costa
44 questions

Question 35

Report Export Collapse

ENISA: “VM hopping” is:

Improper management of VM instances, causing customer VMs to be commingled with other customer systems.
Improper management of VM instances, causing customer VMs to be commingled with other customer systems.
Looping within virtualized routing systems.
Looping within virtualized routing systems.
Lack of vulnerability management standards.
Lack of vulnerability management standards.
Using a compromised VM to exploit a hypervisor, used to take control of other VMs.
Using a compromised VM to exploit a hypervisor, used to take control of other VMs.
Instability in VM patch management causing VM routing errors.
Instability in VM patch management causing VM routing errors.
Suggested answer: D
asked 16/09/2024
Fakhruddin Abbas
35 questions

Question 36

Report Export Collapse

Which concept is a mapping of an identity, including roles, personas, and attributes, to an authorization?

Access control
Access control
Federated Identity Management
Federated Identity Management
Authoritative source
Authoritative source
Entitlement
Entitlement
Authentication
Authentication
Suggested answer: D
asked 16/09/2024
Trevore Agee
30 questions

Question 37

Report Export Collapse

Which concept provides the abstraction needed for resource pools?

Virtualization
Virtualization
Applistructure
Applistructure
Hypervisor
Hypervisor
Metastructure
Metastructure
Orchestration
Orchestration
Suggested answer: A
asked 16/09/2024
Karthika Aravinth
36 questions

Question 38

Report Export Collapse

Network logs from cloud providers are typically flow records, not full packet captures.

False
False
True
True
Suggested answer: B
asked 16/09/2024
Vinayak H
38 questions

Question 39

Report Export Collapse

Select the best definition of “compliance” from the options below.

The development of a routine that covers all necessary security measures.
The development of a routine that covers all necessary security measures.
The diligent habits of good security practices and recording of the same.
The diligent habits of good security practices and recording of the same.
The timely and efficient filing of security reports.
The timely and efficient filing of security reports.
The awareness and adherence to obligations, including the assessment and prioritization of corrective actions deemed necessary and appropriate.
The awareness and adherence to obligations, including the assessment and prioritization of corrective actions deemed necessary and appropriate.
The process of completing all forms and paperwork necessary to develop a defensible paper trail.
The process of completing all forms and paperwork necessary to develop a defensible paper trail.
Suggested answer: D
asked 16/09/2024
Kris Dayananda
41 questions

Question 40

Report Export Collapse

CCM: In the CCM tool, “Encryption and Key Management” is an example of which of the following?

Risk Impact
Risk Impact
Domain
Domain
Control Specification
Control Specification
Suggested answer: B
asked 16/09/2024
Rehan Malik
54 questions
Total 260 questions
Go to page: of 26
Open VPLUS File
Convert VPLUS to PDF

Related questions

What is a potential concern of using Security-as-a-Service (SecaaS)?
REST APIs are the standard for web-based services because they run over HTTPS and work wellacross diverse environments.
Which of the following statements best describes an identity federation?
Containers are highly portable code execution environments.
What are the primary security responsibilities of the cloud provider in compute virtualizations?
Which cloud security model type provides generalized templates for helping implement cloud security?
What is the best way to ensure that all data has been removed from a public cloud environment including all media such as back-up tapes?
ENISA: “VM hopping” is:
All cloud services utilize virtualization technologies.
In the cloud provider and consumer relationship, which entity manages the virtual or abstracted infrastructure?