Month End Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Cloud Security Knowledge CCSK Syllabus Exam Questions Answers

Page: 15 / 22
Total 288 questions

Certificate of Cloud Security Knowledge (CCSK v5.0) Questions and Answers

Question 57

What is the best way to ensure that all data has been removed from a public cloud environment including all media such as back-up tapes?

Options:

A.

Allowing the cloud provider to manage your keys so that they have the ability to access and delete the data from the main and back-up storage.

B.

Maintaining customer managed key management and revoking or deleting keys from the key management system to prevent the data from being accessed again.

C.

Practice Integration of Duties (IOD) so that everyone is able to delete the encrypted data.

D.

Keep the keys stored on the client side so that they are secure and so that the users have the ability to delete their own data.

E.

Both B and D.

Question 58

Select the best definition of “compliance” from the options below.

Options:

A.

The development of a routine that covers all necessary security measures.

B.

The diligent habits of good security practices and recording of the same.

C.

The timely and efficient filing of security reports.

D.

The awareness and adherence to obligations, including the assessment and prioritization of corrective actions deemed necessary and appropriate.

E.

The process of completing all forms and paperwork necessary to develop a defensible paper trail.

Question 59

What is a primary benefit of consolidating traffic through a central bastion/transit network in a hybrid cloud environment?

Options:

A.

It minimizes hybrid cloud sprawl and consolidates security.

B.

It reduces the need for physical network hardware.

C.

It increases network redundancy and fault tolerance.

D.

It decreases the latency of data transfers across the cloud network.

Question 60

How can the use of third-party libraries introduce supply chain risks in software development?

Options:

A.

They are usually open source and do not require vetting

B.

They might contain vulnerabilities that can be exploited

C.

They fail to integrate properly with existing continuous integration pipelines

D.

They might increase the overall complexity of the codebase

Page: 15 / 22
Total 288 questions