Special Summer Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Pass CCSK Exam Guide

Page: 3 / 20
Total 273 questions

Certificate of Cloud Security Knowledge (CCSKv5.0) Questions and Answers

Question 9

What should every cloud customer set up with its cloud service provider (CSP) that can be utilized in the event of an incident?

Options:

A.

A data destruction plan

B.

A communication plan

C.

A back-up website

D.

A spill remediation kit

E.

A rainy day fund

Question 10

What is true of companies considering a cloud computing business relationship?

Options:

A.

The laws protecting customer data are based on the cloud provider and customer location only.

B.

The confidentiality agreements between companies using cloud computing services is limited legally to the company, not the provider.

C.

The companies using the cloud providers are the custodians of the data entrusted to them.

D.

The cloud computing companies are absolved of all data security and associated risks through contracts and data laws.

E.

The cloud computing companies own all customer data.

Question 11

CCM: A hypothetical company called: “Health4Sure” is located in the United States and provides cloud based services for tracking patient health. The company is compliant with HIPAA/HITECH Act among other industry standards. Health4Sure decides to assess the overall security of their cloud service against the CCM toolkit so that they will be able to present this document to potential clients.

Which of the following approach would be most suitable to assess the overall security posture of Health4Sure’s cloud service?

Options:

A.

The CCM columns are mapped to HIPAA/HITECH Act and therefore Health4Sure could verify the CCM controls already covered ad a result of their compliance with HIPPA/HITECH Act. They could then assess the remaining controls. This approach will save time.

B.

The CCM domain controls are mapped to HIPAA/HITECH Act and therefore Health4Sure could verify the CCM controls already covered as a result of their compliance with HIPPA/HITECH Act. They could then assess the remaining controls thoroughly. This approach saves time while being able to assess the company’s overall security posture in an efficient manner.

C.

The CCM domains are not mapped to HIPAA/HITECH Act. Therefore Health4Sure should assess the security posture of their cloud service against each and every control in the CCM. This approach will allow a thorough assessment of the security posture.

Question 12

How does virtualized storage help avoid data loss if a drive fails?

Options:

A.

Multiple copies in different locations

B.

Drives are backed up, swapped, and archived constantly

C.

Full back ups weekly

D.

Data loss is unavoidable with drive failures

E.

Incremental backups daily

Page: 3 / 20
Total 273 questions