ExamGecko
Login
Home / CSA - Cloud Security Alliance / CCSK / List of questions
Ask Question

CSA - Cloud Security Alliance CCSK Practice Test - Questions Answers, Page 9

List of questions

Question 81

Report Export Collapse

Audits should be robustly designed to reflect best practice, appropriate resources, and tested protocols and standards. They should also use what type of auditors?

Auditors working in the interest of the cloud customer
Auditors working in the interest of the cloud customer
Independent auditors
Independent auditors
Certified by CSA
Certified by CSA
Auditors working in the interest of the cloud provider
Auditors working in the interest of the cloud provider
None of the above
None of the above
Suggested answer: B
asked 16/09/2024
BETTE SLETTER
42 questions

Question 82

Report Export Collapse

Which of the following statements is true in regards to Data Loss Prevention (DLP)?

DLP can provide options for quickly deleting all of the data stored in a cloud environment.
DLP can provide options for quickly deleting all of the data stored in a cloud environment.
DLP can classify all data in a storage repository.
DLP can classify all data in a storage repository.
DLP never provides options for how data found in violation of a policy can be handled.
DLP never provides options for how data found in violation of a policy can be handled.
DLP can provide options for where data is stored.
DLP can provide options for where data is stored.
DLP can provide options for how data found in violation of a policy can be handled.
DLP can provide options for how data found in violation of a policy can be handled.
Suggested answer: E
asked 16/09/2024
Nipunika Jayasundara
40 questions

Question 83

Report Export Collapse

CCM: The Architectural Relevance column in the CCM indicates the applicability of the cloud security control to which of the following elements?

Service Provider or Tenant/Consumer
Service Provider or Tenant/Consumer
Physical, Network, Compute, Storage, Application or Data
Physical, Network, Compute, Storage, Application or Data
SaaS, PaaS or IaaS
SaaS, PaaS or IaaS
Suggested answer: C
asked 16/09/2024
Russell Ang
39 questions

Question 84

Report Export Collapse

For third-party audits or attestations, what is critical for providers to publish and customers to evaluate?

Scope of the assessment and the exact included features and services for the assessment
Scope of the assessment and the exact included features and services for the assessment
Provider infrastructure information including maintenance windows and contracts
Provider infrastructure information including maintenance windows and contracts
Network or architecture diagrams including all end point security devices in use
Network or architecture diagrams including all end point security devices in use
Service-level agreements between all parties
Service-level agreements between all parties
Full API access to all required services
Full API access to all required services
Suggested answer: C
asked 16/09/2024
Sandeep Ramakrishnan
56 questions

Question 85

Report Export Collapse

When mapping functions to lifecycle phases, which functions are required to successfully process data?

Create, Store, Use, and Share
Create, Store, Use, and Share
Create and Store
Create and Store
Create and Use
Create and Use
Create, Store, and Use
Create, Store, and Use
Create, Use, Store, and Delete
Create, Use, Store, and Delete
Suggested answer: A
asked 16/09/2024
Rahul Chugh
45 questions

Question 86

Report Export Collapse

When designing an encryption system, you should start with a threat model.

False
False
True
True
Suggested answer: B
asked 16/09/2024
Georgescu Andrei
49 questions

Question 87

Report Export Collapse

Which of the following is one of the five essential characteristics of cloud computing as defined by NIST?

Multi-tenancy
Multi-tenancy
Nation-state boundaries
Nation-state boundaries
Measured service
Measured service
Unlimited bandwidth
Unlimited bandwidth
Hybrid clouds
Hybrid clouds
Suggested answer: C
asked 16/09/2024
Mahmoud Ismail
38 questions

Question 88

Report Export Collapse

What type of information is contained in the Cloud Security Alliance's Cloud Control Matrix?

Network traffic rules for cloud environments
Network traffic rules for cloud environments
A number of requirements to be implemented, based upon numerous standards and regulatory requirements
A number of requirements to be implemented, based upon numerous standards and regulatory requirements
Federal legal business requirements for all cloud operators
Federal legal business requirements for all cloud operators
A list of cloud configurations including traffic logic and efficient routes
A list of cloud configurations including traffic logic and efficient routes
The command and control management hierarchy of typical cloud company
The command and control management hierarchy of typical cloud company
Suggested answer: B
asked 16/09/2024
Ronald Stover
44 questions

Question 89

Report Export Collapse

Vulnerability assessments cannot be easily integrated into CI/CD pipelines because of provider restrictions.

False
False
True
True
Suggested answer: A
asked 16/09/2024
Yun-Ting Lo
43 questions

Question 90

Report Export Collapse

How can key management be leveraged to prevent cloud providers from inappropriately accessing customer data?

Use strong multi-factor authentication
Use strong multi-factor authentication
Secure backup processes for key management systems
Secure backup processes for key management systems
Segregate keys from the provider hosting data
Segregate keys from the provider hosting data
Stipulate encryption in contract language
Stipulate encryption in contract language
Select cloud providers within the same country as customer
Select cloud providers within the same country as customer
Suggested answer: C
asked 16/09/2024
Steven Owens
46 questions
Total 260 questions
Go to page: of 26
Open VPLUS File
Convert VPLUS to PDF

Related questions

What is a potential concern of using Security-as-a-Service (SecaaS)?
REST APIs are the standard for web-based services because they run over HTTPS and work wellacross diverse environments.
Which of the following statements best describes an identity federation?
Containers are highly portable code execution environments.
What are the primary security responsibilities of the cloud provider in compute virtualizations?
Which cloud security model type provides generalized templates for helping implement cloud security?
What is the best way to ensure that all data has been removed from a public cloud environment including all media such as back-up tapes?
ENISA: “VM hopping” is:
All cloud services utilize virtualization technologies.
In the cloud provider and consumer relationship, which entity manages the virtual or abstracted infrastructure?