Cloud Security Knowledge CCSK Book

Certificate of Cloud Security Knowledge (CCSK v5.0) Questions and Answers

Question 81

What is a key advantage of using Policy-Based Access Control (PBAC) for cloud-based access management?

PBAC eliminates the need for defining and managing user roles and permissions.

PBAC is easier to implement and manage compared to Role-Based Access Control (RBAC).

PBAC allows enforcement of granular, context-aware security policies using multiple attributes.

PBAC ensures that access policies are consistent across all cloud providers and platforms.

Question 82

Which of the following best describes compliance in the context of cybersecurity?

Defining and maintaining the governance plan

Adherence to internal policies, laws, regulations, standards, and best practices

Implementing automation technologies to monitor the control implemented

Conducting regular penetration testing as stated in applicable laws and regulations

Question 83

In a cloud environment, what does the Shared Security Responsibility Model primarily aim to define?

The division of security responsibilities between cloud providers and customers

The relationships between IaaS, PaaS, and SaaS providers

The compliance with geographical data residency and sovereignty

The guidance for the cloud compliance framework

Question 84

How does artificial intelligence pose both opportunities and risks in cloud security?

AI enhances security without any adverse implications

AI mainly reduces manual work with no significant security impacts

AI enhances detection mechanisms but could be exploited for sophisticated attacks

AI is only beneficial in data management, not security