Month End Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Cloud Security Knowledge CCSK Book

Page: 21 / 22
Total 288 questions

Certificate of Cloud Security Knowledge (CCSK v5.0) Questions and Answers

Question 81

Which of the following enhances Platform as a Service (PaaS) security by regulating traffic into PaaS components?

Options:

A.

Intrusion Detection Systems

B.

Hardware Security Modules

C.

Network Access Control Lists

D.

API Gateways

Question 82

In Identity and Access Management (IAM) containment, why is it crucial to understand if an attacker escalated their identity?

Options:

A.

It aids in determining the source IP of the attacker.

B.

Because it simplifies the recovery process and increases the response time.

C.

To prevent further unauthorized access and limit the management plane blast radius.

D.

To facilitate the eradication of malware.

Question 83

Which of the following statements best reflects the responsibility of organizations regarding cloud security and data ownership?

Options:

A.

Cloud providers are responsible for everything under the 'limited O responsibilities clauses.' The customer and the provider have joint accountability.

B.

Cloud providers assume full responsibility for the security obligations, and cloud customers are accountable for overall compliance.

C.

Data ownership rights are solely determined by the cloud provider, leaving organizations with no control or accountability over their data.

D.

Organizations are accountable for the security and compliance of their data and systems, even though they may lack full visibility into their cloud provider's infrastructure.

Question 84

In the context of Software-Defined Networking (SDN), what does decoupling the network control plane from the data plane primarily achieve?

Options:

A.

Enables programmatic configuration

B.

Decreases network security

C.

Increases hardware dependency

D.

Increases network complexity

Page: 21 / 22
Total 288 questions