Cloud Security Knowledge CCSK Cloud Security Alliance Study Notes

Certificate of Cloud Security Knowledge (CCSKv5.0) Questions and Answers

Question 21

In which deployment model should the governance strategy consider the minimum common set of controls comprised of the Cloud Service Provider contract and the organization's internal governance agreements?

Options:

Public

PaaS

Private

IaaS

Hybrid

Question 22

ENISA: Which is a potential security benefit of cloud computing?

Options:

More efficient and timely system updates

ISO 27001 certification

Provider can obfuscate system O/S and versions

Greater compatibility with customer IT infrastructure

Lock-In

Question 23

Which of the following is NOT a cloud computing characteristic that impacts incidence response?

Options:

The on demand self-service nature of cloud computing environments.

Privacy concerns for co-tenants regarding the collection and analysis of telemetry and artifacts associated with an incident.

The possibility of data crossing geographic or jurisdictional boundaries.

Object-based storage in a private cloud.

The resource pooling practiced by cloud services, in addition to the rapid elasticity offered by cloud infrastructures.

Question 24

Audits should be robustly designed to reflect best practice, appropriate resources, and tested protocols and standards. They should also use what type of auditors?

Options:

Auditors working in the interest of the cloud customer

Independent auditors

Certified by CSA

Auditors working in the interest of the cloud provider

None of the above

Special Summer Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Cloud Security Knowledge CCSK Cloud Security Alliance Study Notes

Certificate of Cloud Security Knowledge (CCSKv5.0) Questions and Answers

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

CompTIA

Fortinet

Microsoft

Salesforce