ExamGecko
Login
Home / CSA - Cloud Security Alliance / CCSK / List of questions
Ask Question

CSA - Cloud Security Alliance CCSK Practice Test - Questions Answers, Page 8

List of questions

Question 71

Report Export Collapse

How should an SDLC be modified to address application security in a Cloud Computing environment?

Integrated development environments
Integrated development environments
Updated threat and trust models
Updated threat and trust models
No modification is needed
No modification is needed
Just-in-time compilers
Just-in-time compilers
Both B and C
Both B and C
Suggested answer: A
asked 16/09/2024
John Kaye
33 questions

Question 72

Report Export Collapse

Which governance domain focuses on proper and adequate incident detection, response, notification, and remediation?

Data Security and Encryption
Data Security and Encryption
Information Governance
Information Governance
Incident Response, Notification and Remediation
Incident Response, Notification and Remediation
Compliance and Audit Management
Compliance and Audit Management
Infrastructure Security
Infrastructure Security
Suggested answer: C
asked 16/09/2024
louishn vn
38 questions

Question 73

Report Export Collapse

Which opportunity helps reduce common application security issues?

Elastic infrastructure
Elastic infrastructure
Default deny
Default deny
Decreased use of micro-services
Decreased use of micro-services
Segregation by default
Segregation by default
Fewer serverless configurations
Fewer serverless configurations
Suggested answer: A
asked 16/09/2024
DOMINIC FERNANDEZ
45 questions

Question 74

Report Export Collapse

What is the most significant security difference between traditional infrastructure and cloud computing?

Management plane
Management plane
Intrusion detection options
Intrusion detection options
Secondary authentication factors
Secondary authentication factors
Network access points
Network access points
Mobile security configuration options
Mobile security configuration options
Suggested answer: A
asked 16/09/2024
Thomas Spring
31 questions

Question 75

Report Export Collapse

A security failure at the root network of a cloud provider will not compromise the security of all customers because of multitenancy configuration.

False
False
True
True
Suggested answer: A
asked 16/09/2024
Florence Li
45 questions

Question 76

Report Export Collapse

When investigating an incident in an Infrastructure as a Service (IaaS) environment, what can the user investigate on their own?

The CSP server facility
The CSP server facility
The logs of all customers in a multi-tenant cloud
The logs of all customers in a multi-tenant cloud
The network components controlled by the CSP
The network components controlled by the CSP
The CSP office spaces
The CSP office spaces
Their own virtual instances in the cloud
Their own virtual instances in the cloud
Suggested answer: E
asked 16/09/2024
Peter Klaffehn
45 questions

Question 77

Report Export Collapse

If in certain litigations and investigations, the actual cloud application or environment itself is relevant to resolving the dispute in the litigation or investigation, how is the information likely to be obtained?

It may require a subpoena of the provider directly
It may require a subpoena of the provider directly
It would require a previous access agreement
It would require a previous access agreement
It would require an act of war
It would require an act of war
It would require a previous contractual agreement to obtain the application or access to the environment
It would require a previous contractual agreement to obtain the application or access to the environment
It would never be obtained in this situation
It would never be obtained in this situation
Suggested answer: D
asked 16/09/2024
Paul Beugelsdijk
44 questions

Question 78

Report Export Collapse

The containment phase of the incident response lifecycle requires taking systems offline.

False
False
True
True
Suggested answer: B
asked 16/09/2024
Mohand TIMSILINE
45 questions

Question 79

Report Export Collapse

What are the primary security responsibilities of the cloud provider in compute virtualizations?

Enforce isolation and maintain a secure virtualization infrastructure
Enforce isolation and maintain a secure virtualization infrastructure
Monitor and log workloads and configure the security settings
Monitor and log workloads and configure the security settings
Enforce isolation and configure the security settings
Enforce isolation and configure the security settings
Maintain a secure virtualization infrastructure and configure the security settings
Maintain a secure virtualization infrastructure and configure the security settings
Enforce isolation and monitor and log workloads
Enforce isolation and monitor and log workloads
Suggested answer: A
asked 16/09/2024
Eduardo Bravo
42 questions

Question 80

Report Export Collapse

What should every cloud customer set up with its cloud service provider (CSP) that can be utilized in the event of an incident?

A data destruction plan
A data destruction plan
A communication plan
A communication plan
A back-up website
A back-up website
A spill remediation kit
A spill remediation kit
A rainy day fund
A rainy day fund
Suggested answer: B
asked 16/09/2024
Frantisek Kohanyi Kohanyi
44 questions
Total 260 questions
Go to page: of 26
Open VPLUS File
Convert VPLUS to PDF

Related questions

What is a potential concern of using Security-as-a-Service (SecaaS)?
REST APIs are the standard for web-based services because they run over HTTPS and work wellacross diverse environments.
Which of the following statements best describes an identity federation?
Containers are highly portable code execution environments.
What are the primary security responsibilities of the cloud provider in compute virtualizations?
Which cloud security model type provides generalized templates for helping implement cloud security?
What is the best way to ensure that all data has been removed from a public cloud environment including all media such as back-up tapes?
ENISA: “VM hopping” is:
All cloud services utilize virtualization technologies.
In the cloud provider and consumer relationship, which entity manages the virtual or abstracted infrastructure?