CCSK EXAM SIMULATOR
1. Which of the following is a key area of control for the cloud provider network architecture?
2. Which of the following is an important consideration in management plane usage?
3. Business Continuity and Disaster Recovery is not a shared responsibility and the cloud user is completely responsible for it.
4. Which process is used to determine and defend the applications from any weakness before they are introduced into production?
5. Which of the following statements regarding risk transfer is not true?
6. Which of the following is among the top security benefits?
7. Who manages the web console which is one of the ways the management plane is delivered?
8. All assets in the cloud require same business continuity.
9. How can a single administrator access multiple service administrator accounts with just the privileges they need for that particular action?
10. Dedicated or private tenancy model is not possible in a cloud environment.
11. How can web security as a service be offered to the cloud customer?
12. Which plane is used by consumers to launch virtual machines or configuring virtual networks?
13. Identity and Access Management (IAM) includes which of the following?
14. The main difference between traditional virtualization and cloud computing and is abstraction.
15. Which of the following statements regarding SDN (Software Defined Networking) is not true?
16. In which of the five main phases of secure application design and development, you perform Threat Modelling?
17. Which of the following is a key tool in enabling and enforcing separation and isolation in multi-tenancy environment?
18. What is the role of the Scope Applicability column in the CCM?
19. The data and information like content in database or file storage are part of which layer of Logical Model?
20. Which communication method is used by customers to access database information using a web console?
21. When it comes to securing the management plane, how are access identification, authentication, and authorization implemented?
22. Which of the following is a cloud infrastructure that is shared by several organizations and supports a specific group that has shared concerns?
23. Which of the following leverages virtual network topologies to run smaller, and more isolated networks without incurring additional hardware costs?
24. Attestations and certifications are activities that will be valid at any future point in time and providers must keep any published results readily available for quick reference.
25. All services from a particular provider meet the same audit/assessment standards.
26. Which of the following tools lists cloud security controls and maps them to multiple security and compliance standards. ?
27. In which type of environment it is impractical to allow clients to conduct their own audits?
28. Cloud service providers leverage which of the following to manage costs and enable capabilities?
29. Which of the following describes the cloud management plane?
30. Which of the following statement is true for orchestration?
31. PaaS needs to be built on top of IaaS and it cannot be a custom designed stand-alone architecture
32. If an attacker gets into your management plane, they have full remote access to your entire cloud environment.
33. CCM: The CCM provides an anchor-point and common language for balanced measurement of security and compliance postures.
With CCM all supply chain parties can speak the same language ?
34. Logs, documentation, and other materials that are needed for audits and compliance and are used as evidence to support compliance activities are called as-
35. In which of the following service models cloud consumer may only be able to manage authorization and entitlements?
36. In which phase of the application design and development process, the focus is on architecture?
37. Which of the following is the most commonly used application programming interface?
38. CCM: How many Domains and Controls are in CCM V.3.0.1?
39. Which of the following can the cloud provider implement to mitigate the credential compromise or theft?
40. Which of the following allows you to create an infrastructure template to configure all or some aspects of a cloud deployment?
41. Cloud user does not require special permission to perform vulnerability assessment on its environment in cloud.
42. Which of the following is not one of the five key legal issues common across all scenarios?
43. When entrusting a third party to process the data on its behalf, who remains responsible for the collection and processing of the data?
44. Which of the following statement about CSA s CCM and Security Guidance is not true?
45. SLA’s may limit a client’s ability to collect large volumes of data quickly and in a forensically sound manner.
46. The following list of controls belongs to which domain of the CCM?
GRM 04 – Management Program
GRM 05 – Support / Involvement
GRM 06 – Policy
GRM 07 – Policy Enforcement
47. Which of the following governance domain focuses on proper and adequate incident detection, response, notification and remediation?
48. Which of the following is not one of the benefits of Cloud Computing?
49. The Cloud Security Alliance STAR Registry is used for which of the following purposes?
50. How will you ensure that you have provided sufficient encryption protection to your data in the cloud?
51. The nature of contracts with cloud providers will often preclude things like on-premises audits. What options does the customer have in this situation?
52. In the United States, a party is obligated to take reasonable steps to prevent the destruction or modification of data in its possession that it knows, is relevant to pending litigation or government investigation.
53. Which of the following tools provide a standard template for cloud providers to document their security and compliance controls?
54. Which of the following WAN virtualization technology is used to create networks which span multiple base networks?
55. Which of the following is an underlying vulnerability related to loss of Governance?
56. The management plane controls and configures which of the following:
57. The key difference between cloud and traditional computing is the infrastructure.
58. Which of the following statement regarding service administrator account is not true?
59. Which of the following reflects the claim of an individual to have certain data deleted so that third persons can no longer trace them?
60. Which of the following is true about the pass-through audit which is a form of compliance inheritance?
Question 1 of 60