
2021 Realistic Verified Free Cloud Security Alliance CCSK Exam Questions
CCSK Real Exam Questions and Answers FREE
What is the duration, language, and format of the Certificate of Cloud Security Knowledge (CCSK) Exam?
- Language of Exam: English, Spanish
- Passing score: 80%
- Time Allowed: 90 minutes
- Number of questions: 60
- Format: Multiple Choice Questions
NEW QUESTION 69
When your bank or credit card company sends you a notification of changes in how it collects or shares data, it is sending that notification in compliance with:
- A. GDPR
- B. ISO 27001
- C. HIPAA
- D. FERPA
Answer: A
Explanation:
Under GDPR, it is mandatory to notify consumers how their data will be used.
NEW QUESTION 70
Whose responsibility is it to maintain security incident and event management (SIEM) capabilities in the PaaS (Platform as a Service) model?
- A. Cloud Access Security Broker
- B. Cloud Carrier
- C. Cloud Service provider
- D. Cloud Customer
Answer: C
Explanation:
In forms of service models, it is the cloud service provider's responsibility to maintain security incident and event management (SIEM) capabilities.
NEW QUESTION 71
Which of the following is not a common cloud service model?
- A. Platform as a Service
- B. Software as a Service
- C. Programming as a Service
- D. Infrastructure as a Service
Answer: C
Explanation:
Programming as a Service is not a common offering; the others are ubiquitous throughout the industry.
NEW QUESTION 72
Who is responsible for infrastructure security in the Software as a Service (SaaS) service model?
- A. Cloud Service Provider
- B. It's a shared responsibility between Cloud Service Provider and Cloud Customer
- C. Cloud Carrier
- D. Cloud Customer
Answer: A
Explanation:
The cloud service provider is responsible for infrastructure in the Software as a Service (SaaS) service model.
NEW QUESTION 73
What is the newer application development methodology and philosophy focused on automation of application development and deployment?
- A. BusOps
- B. SecDevOps
- C. Agile
- D. DevOps
- E. Scrum
Answer: D
NEW QUESTION 74
What factors should you understand about the data specifically due to legal, regulatory, and jurisdictional factors?
- A. The actual size of the data and the storage format
- B. The language of the data and how it affects the user
- C. The fragmentation and encryption algorithms employed
- D. The implications of storing complex information on simple storage systems
- E. The physical location of the data and how it is accessed
Answer: D
NEW QUESTION 75
Metrics which govern the contractual obligations of cloud service are found in:
- A. Service Level Agreements (SLA)
- B. Contract itself
- C. Operational Level Agreement (OLA)
- D. Service Book
Answer: A
Explanation:
The SLA is the list of defined, specific, numerical metrics that will be used to determine whether the provider is sufficiently meeting the contract terms during each period of performance.
NEW QUESTION 76
Which of the following documents defines the roles and responsibilities for risk management between a cloud provider and a cloud customer?
- A. Service Level Agreement
- B. Operational Level Agreement
- C. Risk Management Agreement
- D. Contract
Answer: D
Explanation:
The contract defines the roles and responsibilities for risk management between a cloud provider and a cloud customer.
NEW QUESTION 77
"Standards like the SSAE16 have a defined scope, which includes both what is assessed (e.g. which of the provider's services) as well as which controls are assessed. A provider can thus "pass" an audit that doesn't include any security controls, which isn't overly useful for security and risk managers." True or False?
- A. True
- B. False
Answer: A
Explanation:
This is true. When a cloud assessment is done, it is very important to understand the scope of the audit and the standard used. In the statement above, we can see that the audit scope of SSAE16 is decided by the cloud provider and can be very limited, and one may not get full visibility into the security of the cloud service provider.
NEW QUESTION 78
A SIEM device should be tuned regularly to:
- A. update the device to latest patch by vendor
- B. test its scope of functionality
- C. add new rules and remove old rules and thereby eliminate false positives
- D. add new rules on top of existing old rules to enhance its capability
Answer: C
Explanation:
It is necessary to tune it regularly. This helps in reducing false positives and keeps the signatures current and optimal.
NEW QUESTION 79
Which are the two major categories of network virtualization commonly seen in cloud computing today?
- A. Virtual Private Networks and Converged Network
- B. Software Defined Networks and Virtual Private Networks
- C. Virtual LANs (VLANs) and Converged Networks
- D. Software Defined Networks and Virtual LANs (VLANs)
Answer: C
Explanation:
There are two major categories of network virtualization commonly seen in cloud computing today:
- Virtual Local Area Networks (VLANs): VLANs leverage existing network technology implemented in most network hardware. VLANs are extremely common in enterprise networks, even without cloud computing. They are designed for use in single-tenant networks (enterprise data centers) to separate different business units, functions, etc. (like guest networks). VLANs are not designed for cloud-scale virtualization or security and shouldn't be considered, on their own, an effective security control for isolating networks. They are also never a substitute for physical network segregation.
- Software Defined Networking (SDN): A more complete abstraction layer on top of networking hardware, SDNs decouple the network control plane from the data plane. This allows us to abstract networking from the traditional limitations of a LAN.
Ref: CSA Security Guidelines V.4 (reproduced here for educational purposes)
NEW QUESTION 80
Object storage is unsuitable for data that changes frequently. Is this true?
- A. True, because whenever you update a file you may have to wait until the change is propagated to all the replicas before requests return the latest version
- B. False, object storage is suitable for all types of data
- C. False, because change in one replica will also return latest version irrespective of its location
- D. True, because data is geographically dispersed and cannot be replicated
Answer: A
Explanation:
With object storage systems, data consistency is achieved eventually. Whenever you update a file, you may have to wait until the change is propagated to all the replicas before requests return the latest version.
NEW QUESTION 81
Which of the following is a perceived advantage or disadvantage of managing enterprise risk for cloud deployments?
- A. None of the above.
- B. More physical control over assets and processes.
- C. Decreased requirement for proactive management of relationship and adherence to contracts.
- D. Increased need, but reduction in costs, for managing risks accepted by the cloud provider.
- E. Greater reliance on contracts, audits, and assessments due to lack of visibility or management.
Answer: E
NEW QUESTION 82
An adversary uses a cloud platform to launch a DDoS attack against XYZ company. This type of risk is termed as:
- A. Malicious Insider
- B. Abuse of Cloud services
- C. Account Hijacking
- D. Data Breaches
Answer: B
Explanation:
Malicious actors may leverage cloud computing resources to target users, organizations or other cloud providers. Examples of misuse of cloud service-based resources include launching DDoS attacks, email spam and phishing campaigns; "mining" for digital currency; large-scale automated click fraud; brute-force compute attacks of stolen credential databases; and hosting of malicious or pirated content.
NEW QUESTION 83
What is it called when you lose control of the amount of content on your image store?
- A. Sprawl
- B. Media Contention
- C. Media Sanitization
- D. Data Loss
Answer: A
Explanation:
Sprawl occurs when you lose control of the amount of content on your image store.
Unnecessary images may be created and run. Each additional image running is another potential point of compromise for an attacker.
NEW QUESTION 84
A defining set of rules composed of claims and attributes of the entities in a transaction, which is used to determine their level of access to cloud-based resources is called what?
- A. An entitlement matrix
- B. An entry log
- C. A support table
- D. An access log
- E. A validation process
Answer: E
NEW QUESTION 85
Which of the following is NOT a key subsystem recommended for monitoring in cloud environments?
- A. CPU
- B. Cables
- C. Disk
- D. Network
Answer: B
Explanation:
Network, CPU and Disk(storage) are key subsystems in cloud environment that should be monitored.
NEW QUESTION 86
In which type of environment is it impractical to allow the customer to conduct their own audit, making it important that the data center operators are required to provide auditing for the customers?
- A. Single tenant environments
- B. Distributed computing arrangements
- C. Long distance relationships
- D. Multi-application, single tenant environments
- E. Multi-tenant environments
Answer: E
NEW QUESTION 87
Which of the following pairs represents storage used in IaaS infrastructure?
- A. Structured and Unstructured Storage
- B. CDN and Ephemeral
- C. Raw and long-term storage
- D. Volume and object storage
Answer: D
Explanation:
IaaS uses the following storage types:
Volume storage: A virtual hard drive that can be attached to a virtual machine instance and be used to host data within a file system. Volumes attached to IaaS instances behave just like a physical drive or an array does. Examples include VMware Virtual Machine File System (VMFS), Amazon Elastic Block Store (EBS), Rackspace Redundant Array of Independent Disks (RAID), and OpenStack Cinder.
Object storage: Similar to a file share accessed via APIs or a web interface. Examples include Amazon S3 and Rackspace Cloud Files.
NEW QUESTION 88
You, as a cloud customer, will have more control over event and diagnostic data in a SaaS environment than in a PaaS or IaaS environment.
- A. True
- B. False
Answer: B
Explanation:
This is false because it will be exactly the opposite. In a SaaS environment, you will have the least amount of control over event and diagnostic data. Your control will, in fact, increase as you go from SaaS to PaaS and eventually, in IaaS, you will have full control of event and diagnostic data (except for platform logs, which are maintained by the cloud service provider).