This page was exported from Best Free Exam Guide [ http://free.exams4sures.com ]

Export date:Sat Mar 15 2:22:20 2025 / +0000 GMT

___________________________________________________


Title: CCSK PDF Pass Leader, CCSK Latest Real Test [Q10-Q26]

---------------------------------------------------


 CCSK PDF Pass Leader, CCSK Latest Real Test
Valid CCSK Test Answers &amp; CCSK Exam PDF

Cloud Security Alliance CCSK Foundation Exam Syllabus Topics:
SectionObjectivesInfrastructure Security-Cloud Network Virtualization-Security Changes With Cloud Networking-Challenges of Virtual Appliances-SDN Security Benefits-Micro-segmentation and the Software Defined Perimeter-Hybrid Cloud Considerations-Cloud Compute and Workload SecurityCloud Computing Concepts and Architectures-Definitions of Cloud ComputingService ModelsDeployment ModelsReference and Architecture ModelsLogical Model -Cloud Security Scope, Responsibilities, and Models-Areas of Critical Focus in Cloud SecurityCompliance and Audit Management-Compliance in the CloudCompliance impact on cloud contractsCompliance scopeCompliance analysis requirements -Audit Management in the CloudRight to auditAudit scopeAuditor requirementsIdentity, Entitlement, and Access Management-IAM Standards for Cloud Computing-Managing Users and Identities-Authentication and Credentials-Entitlement and Access ManagementIncident Response-Incident Response Lifecycle-How the Cloud Impacts IRLegal Issues, Contracts and Electronic Discovery-Legal Frameworks Governing Data Protection and PrivacyCross-Border Data TransferRegional Considerations -Contracts and Provider SelectionContractsDue DiligenceThird-Party Audits and Attestations -Electronic DiscoveryData CustodyData PreservationData CollectionResponse to a Subpoena or Search WarrantInformation Governance-Governance Domains-Six phases of the Data Security Lifecycle and their key elements-Data Security Functions, Actors and ControlsManagement Plane and Business Continuity-Business Continuity and Disaster Recovery in the Cloud-Architect for Failure-Management Plane SecurityData Security and Encryption-Data Security Controls-Cloud Data Storage Types-Managing Data Migrations to the Cloud-Securing Data in the Cloud

&nbsp;


NO.10 According to ISO 27018. data processor has explicit control over how CSPs are to use PII.
&nbsp;True
&nbsp;False
In ISO 27018, it is the customer who has explicit right over how CSPs will use their informationNO.11 When Database as a Service is offered on Platform as a Service(PaaS) model, who is responsible for security features that needs to applied to the Databases?
&nbsp;Cloud Service Provider
&nbsp;Cloud Access Security Broker (CASB)
&nbsp;Cloud Consumer
&nbsp;Cloud Carrier
This is a tricky question.When using a Database as a Service, the provider manages fundamental security, patching, and core configuration, while the cloud user is responsible for everything else, including which security features of the database to use, managing accounts, or even authentication methods.Ref: CSA Security Guidelines v4.0NO.12 When the data is transferred to third party. who is ultimately responsible for security of data?
&nbsp;Cloud Service Provider
&nbsp;Cloud Controller
&nbsp;Cloud Processor
&nbsp;Cloud Security Broker
Whatever will be the scenario. Data controller will be responsible for security of data in cloudNO.13 Which of the following are communications method for components within a cloud, some of which (or an entirely different set) are exposed to the cloud user to manage their resources and configurations?
&nbsp;Data Identifiers
&nbsp;Application Programming Interfaces (API)
&nbsp;API Gateway
&nbsp;IPSEC
All this is facilitated using Application Programming Interfaces, APIs are typically the underlying communications method for components within a cloud. some of which (or an entirely different set) are exposed to the cloud user to manage their resources and configurations. Most cloud APIs these days use REST (Representational State Transfer). which runs over the HTTP protocol, making it extremelywe11 suited for Internet services.Ref: CSA Security Guidelines V4.0NO.14 Who is responsible for the safe custody, transport, data storage. and implementation of business rules in relation to the privacy?
&nbsp;Data controller
&nbsp;Data owner
&nbsp;Data custodian
&nbsp;Data processor
Data custodians are responsible for the safe custody. transport. data storage. and implementation of business rulesNO.15 A health care facility has to only comply with HIPAA and do not need to comply with PCI DSS.
&nbsp;True
&nbsp;False
This is a tricky question. It is true that health care facility need to comply with HIPAA but if the healthcare facility is processing credit cards, they will have to comply with PCI DSS as wellNO.16 Enterprise Risk Management is part of over all information Risk Management of the organization
&nbsp;True
&nbsp;False
It is False and it is other way round. Information Risk management is part of Enterprise Risk.NO.17 How is encryption managed on multi-tenant storage?
&nbsp;Single key for all data owners
&nbsp;One key per data owner
&nbsp;Multiple keys per data owner
&nbsp;The answer could be A, B, or C depending on the provider
&nbsp;C for data subject to the EU Data Protection Directive; B for all others
NO.18 Cloud customer can do vulnerability assessment of their whole infrastructure on cloud just like they conduct vulnerbility assessment of their traditional infrastructure.
&nbsp;True
&nbsp;False
It is false.Customer will have to take permission and give notification to cloud service provider.The cloud owner (public or private) will typically require notification of assessments and place limits on the nature of assessments. This is because they may be unable to distinguish an assessment from a real attack without prior warning.Ref: CSA Security Guidelines V4.0NO.19 Select the best definition of &#8220;compliance&#8221; from the options below.
&nbsp;The development of a routine that covers all necessary security measures.
&nbsp;The diligent habits of good security practices and recording of the same.
&nbsp;The timely and efficient filing of security reports.
&nbsp;The awareness and adherence to obligations, including the assessment and prioritization of corrective actions deemed necessary and appropriate.
&nbsp;The process of completing all forms and paperwork necessary to develop a defensible paper trail.
NO.20 Ben was working on a project and hosted all its data on a public cloud. The project is now complete and he wants to remove the data Which of the following is best option for him in order to leave no remanence?
&nbsp;Data-overwriting
&nbsp;Physically destroy the media
&nbsp;Cryptographic erasure
&nbsp;Zeroing
All the options given are correct methods of destroying data but when it comes to data in cloud. the most suitable method is cryptographic erasure.Definition: Cryptographic ErasureCryptographic erasure is the process of using encryption software (either built-in or deployed) on the entire data storage device. and erasing the key used to decrypt the data.NO.21 Which of the following is key benefit of private cloud model?
&nbsp;Distributed data location
&nbsp;Assurance of Data Location
&nbsp;Off-loading IT Management
&nbsp;Less expensive
One of the key challenges in cloud computing is its distributed environment and dispersed data centers across the globe. It is very difficult to trace data location in public clouds.Therefore. Assurance of data location is key advantage of private cloud.NO.22 Cloud Security provider is responsible for Platform Security in Platform as a Service(PaaS) model.
&nbsp;True
&nbsp;False
It is false. Platform security is a shared responsibility between cloud service provider and cloud service customer in Platform as a Service(PaaS) model.NO.23 Which of the following is the correct pair of risk management standards?
&nbsp;ISO27002 &amp; ISO27005
&nbsp;ISO27001 &amp; ISO27018
&nbsp;ISO31000 &amp; ISO27017
&nbsp;ISO27005 &amp; ISO31000
IS027005 refers to processes for IT Risk Management whereas ISO31000 refers to Enterprise Risk ManagementNO.24 Exploitable bugs in programs that attackers can use to infiltrate a computer system for the purpose of stealing data, taking control of the system or disrupting service operations, are called:
&nbsp;Threat Agents
&nbsp;Vulnerbilities
&nbsp;Threats
&nbsp;Honepots
It&#8217;s a definition of System Vulnerability.NO.25 Which of the following is correct about Due Care &amp; Due Diligence?
&nbsp;Due diligence is the act of investigating and understanding the risks a company faces whereas Due care is the development and implementation of policies and procedures to aid in protecting the company. its assets and its people from threats.
&nbsp;Due care is the act of investigating and understanding the risks a company faces whereas Due Diligence is the development and implementation of policies and procedures to aid in protecting the company. its assets and its people from threats.
&nbsp;Due care is technical control whereas Due Deligence is physical control.
&nbsp;None of the above definitions are correct.
Definitions:Due diligence is the act of investigating and understanding the risks a company faces.Due care is the development and implementation of policies and procedures to aid in protecting the company, its assets, and its people from threatsNO.26 According to CSA Security Guidelines, there are four layers of Logical Model for cloud computing. Which of the following is not one of the layers as defined by Cloud Security Alliance?
&nbsp;Infrasturcture
&nbsp;Metastructure
&nbsp;Applistructure
&nbsp;Softstructure
The four layers of Logical Model for cloud computing according to Cloud Security Alliance are:1. Infrastructure: The core components of a computing system: compute, network, and storage. The foundation that everything else is built on. The moving parts.2. Metastructure: The protocols and mechanisms that provide the interface between the infrastructure layer and the other layers. The glue that ties the technologies and enables management and configuration.3. Infostructure: The data and information. Content in a database, file storage, etc.4. Applistructure: The applications deployed in the cloud and the underlying application services used to build them. For example, Platform as a Service features like message queues, artificial intelligence analysis, or notification services.&nbsp;Loading &#8230;


CCSK Dumps Ensure Your Passing: https://www.exams4sures.com/Cloud-Security-Alliance/CCSK-practice-exam-dumps.html


---------------------------------------------------


Images: https://free.exams4sures.com/wp-content/plugins/watu/loading.gif
https://free.exams4sures.com/wp-content/plugins/watu/loading.gif


---------------------------------------------------


---------------------------------------------------


Post date: 2022-12-09 14:10:03

Post date GMT: 2022-12-09 14:10:03

Post modified date: 2022-12-09 14:10:03

Post modified date GMT: 2022-12-09 14:10:03