CCSK EXAM SIMULATOR

1. Which of the following are the most commonly seen networks that are isolated onto dedicated hardware since there is no functional or traffic overlap?

 
 
 
 

2. Which of the following will not prevent you from moving unapproved data to cloud services?

 
 
 
 
 

3. Which of the following encryption methods is utilized when object storage is used as the back-end for an application?

 
 
 
 
 

4. Which of the following is the most important aspects of incident response for cloud-based resources?

 
 
 
 
 

5. Resource pooling practiced by the cloud services may especially complicate which part of the IR process?

 
 
 
 
 

6. Which of the following ensures that the consumers only use what they are allotted, and are charged for it?

 
 
 
 
 

7. As per GDPR company must report the breach in what amount of time?

 
 
 
 
 

8. Role-Based Access Control (RBAC) model for IAM offers greater flexibility and security than the Attribute-Based Access Control (ABAC) model.

 
 

9. In a multi-tenant environment, if customers can access and modify each other’s assets which of the following has caused this issue?

 
 
 
 
 

10. Which of the following is the most obvious form of provider lock-in?

 
 
 
 

11. Which of the following statements regarding cloud platform architecture is true?

 
 
 
 

12. Which of the following is one of the challenges of application security in a cloud environment?

 
 
 
 
 

13. Infrastructure in the cloud cannot be defined and implemented through templates and automation.

 
 

14. Which of the following regarding customer managed keys is true?

 
 
 
 
 

15. Which of the following statement related to direct “lift and shift” of existing application to a cloud environment is true?

 
 
 
 

16. “Cloud Provider Acquisition” is which form of risk?

 
 
 
 

17. Which of the following encrypts and prevents the unauthorized copying or changing of the content?

 
 
 
 
 

18. You do not trust your SaaS provider and have chosen to encrypt all of your data. Which of the following is true is this situation?

 
 
 
 

19. Which of the following characteristics of cloud allows a consumer to unilaterally provision computing capabilities such server time and network storage as needed?

 
 
 
 
 

20. Which of the following is a permission to do something like access a file, network, or perform a certain function like an API call on a particular resource?

 
 
 
 
 

21. Which of the following best describes the data protection when it moves to the cloud?

 
 
 
 
 

22. CI/CD pipelines can enhance security through support of which of the following?

 
 
 
 

23. Which of the following comes immediately after the data creation in the data security lifecycle?

 
 
 
 
 

24. Exiting from an activity giving rise to more risk is called as?

 
 
 
 
 

25. CSA’s Software Defined Perimeter includes:

 
 
 
 

26. Installing traditional agents designed for physical servers will not result in the same amount of efficiency and performance on a virtualized server.

 
 

27. ENISA: Which of the following statement is true regarding the risk of natural disasters in cloud?

 
 
 
 

28. Virtualization security in cloud computing is the responsibility of cloud provider.

 
 

29. Which of the following provides “Storage as a Service” as a sub-offering?

 
 
 
 

30. Why Hardware Security Modules (HSM) are difficult to distribute in multiple locations used in cloud architectures?

 
 
 
 

31. Which technique is used in the cloud to coordinate carving out and delivering a set of resources from the pools to the consumers?

 
 
 
 

32. ENISA: Lock-in is under which category of risk?

 
 
 
 

33. Which of the following gives the customers ability to audit the cloud provider?

 
 
 
 
 

34. Which of the following clauses in the agreement between customer and cloud provider can provide customers in highly regulated industries with the required information?

 
 
 
 
 

35. Which of the following encryption will be used when object storage is used as the back-end for an application?

 
 
 
 
 

36. Which of the following is a responsibility of a cloud user?

 
 
 
 
 

37. ENISA: Password-based authentication should be sufficient for accessing cloud resources.

 
 

38. If a cloud service provider receives a request to provide client information in the form of a subpoena or a court order, how can client have the ability to fight the request?

 
 
 
 

39. Cloud based Web Application Firewalls (WAFs) also include anti-DDoS capabilities.

 
 

40. Which of the following frameworks is used in the industry to describe a series of security activities during all phases of application development, deployment, and operations?

 
 
 
 
 

41. Private Cloud operated solely for a single organization can be located at-

 
 
 
 

42. Which of the following is one of the most common open standards to enable federation in the cloud?

 
 
 
 
 

43. ENISA: The lack of use of standards technologies and solutions by the cloud provider may lead to-

 
 
 
 
 

44. Which of the following is a preferred model for cloud-based access management?

 
 
 
 

45. Which of the following includes all the documentation on a provider’s internal and external compliance assessments?

 
 
 
 
 

46. Point-in-time activities like compliance, audit, and assurance should be conducted by cloud providers to avoid creating any gaps, and thus exposures, for their customers.

 
 

47. Inability to provide sufficient capacity to a customer can lead to which of the following?

 
 
 
 
 

48. ENISA: Which of the following is the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data?

 
 
 
 
 

49. ENISA: Whose responsibility is it to choose a data processor that provides sufficient guarantees with respect to the technical security measures and organisational measures governing the processing to be carried out, and ensuring compliance with those measures?

 
 
 
 
 

50. In Federation which party makes assertions to which party?

 
 
 
 

51. In addition to providing better server utilization, and data center consolidation, virtualization also reduces the security threats significantly.

 
 

52. Which of the following defines the amount of risk that the leadership and stakeholders of an organization are willing to accept?

 
 
 
 

53. Containers provide full security isolation and task segregation.

 
 

54. How can you prevent cloud providers from inappropriately accessing customer data?

 
 
 
 
 

55. The most fundamental security control for any multi-tenant network is-

 
 
 
 

56. Customers should view cloud services and security as –

 
 
 
 
 

57. For which of the following SecaaS concerns, providers should be held to the highest standards of multi-tenant isolation and segregation?

 
 
 
 

58. Which of the following essential characteristics of a cloud allows customers to closely match resource consumption with demand?

 
 
 
 
 

59. Which of the following statements regarding SDN (Software Defined Networking) is not true?

 
 
 
 
 

60. ENISA: The risks identified can be classified into which of the following three categories?

 
 
 
 
 

Question 1 of 60