2022 CCSK dumps review - Professional Quiz Study Materials [Q152-Q170]


NEW QUESTION 152
Which of the following Standards is normally followed to manage Enterprise Risk?

  • A. ISO 27001
  • B. ISO 27005
  • C. ISO 27032
  • D. ISO 31000

Answer: D

Explanation:
ISO 31000 provides principles and guidelines to do Enterprise Risk Management.

 

NEW QUESTION 153
Security Governance, Risk and Compliance (GRC) is generally the responsibility of which of the following across all the platforms (IaaS, PaaS and SaaS)?

  • A. Cloud Service Provider
  • B. Customer
  • C. Joint Responsibility
  • D. Shared responsibility

Answer: B

Explanation:
GRC is the responsibility of the customer across all service models.

 

NEW QUESTION 154
What is the main driver for the decision to deploy cloud solutions?

  • A. Cloud has less risks and costs associated
  • B. None of the above
  • C. It's business driven
  • D. It's a financial decision

Answer: C

Explanation:
All the decisions related to cloud migration are driven by business requirements and effective Business Impact Analysis (BIA) and cost-benefit analysis.

 

NEW QUESTION 155
"Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms." Which of the following characteristics does this define?

  • A. On-demand self-service
  • B. Resource pooling
  • C. Rapid elasticity
  • D. Broad network access

Answer: A

 

NEW QUESTION 156
Which of the following is a perceived advantage or disadvantage of managing enterprise risk for cloud deployments?

  • A. Greater reliance on contracts, audits, and assessments due to lack of visibility or management.
  • B. More physical control over assets and processes.
  • C. None of the above.
  • D. Increased need, but reduction in costs, for managing risks accepted by the cloud provider.
  • E. Decreased requirement for proactive management of relationship and adherence to contracts.

Answer: A

 

NEW QUESTION 157
According to ISO 27018, the data processor has explicit control over how CSPs are to use PII.

  • A. True
  • B. False

Answer: B

Explanation:
In ISO 27018, it is the customer who has the explicit right over how CSPs will use their information.

 

NEW QUESTION 158
What is the newer application development methodology and philosophy focused on automation of application development and deployment?

  • A. Agile
  • B. SecDevOps
  • C. DevOps
  • D. BusOps
  • E. Scrum

Answer: C

 

NEW QUESTION 159
Which of the following controls and configures the metastructure, and is also part of the metastructure itself?

  • A. API Gateway
  • B. Web Application Firewall
  • C. Management Plane
  • D. Network Firewall

Answer: C

Explanation:
The management plane controls and configures the metastructure, and is also part of the metastructure itself. As a reminder, cloud computing is the act of taking physical assets (like networks and processors) and using them to build resource pools. Metastructure is the glue and guts to create, provision, and deprovision the pools. The management plane includes the interfaces for building and managing the cloud itself, but also the interfaces for cloud users to manage their own allocated resources of the cloud.
Ref: CSA Security Guidelines v4.0

 

NEW QUESTION 160
Whose responsibility is it to maintain Data Loss Prevention mechanisms in the SaaS (Software as a Service) model?

  • A. Cloud Access Security Broker
  • B. Cloud Customer
  • C. Cloud Service Provider
  • D. Cloud Carrier

Answer: C

Explanation:
Although the cloud customer is legally responsible for the data that it stores in the cloud, the Cloud Service Provider has to maintain data loss prevention mechanisms.

 

NEW QUESTION 161
Which of the following decouples the network control plane from the data plane and allows networking to be abstracted from the traditional limitations of a LAN?

  • A. Traditional Networking
  • B. VLANs
  • C. Converged Networking
  • D. Software defined networking

Answer: D

Explanation:
Software Defined Networking (SDN): A more complete abstraction layer on top of networking hardware, SDNs decouple the network control plane from the data plane (you can read more on SDN principles at this Wikipedia entry). This allows us to abstract networking from the traditional limitations of a LAN.
Reference: CSA Security Guidelines V4.0

 

NEW QUESTION 162
When data is transferred to a third party, who is ultimately responsible for the security of the data?

  • A. Cloud Security Broker
  • B. Cloud Controller
  • C. Cloud Service Provider
  • D. Cloud Processor

Answer: B

Explanation:
Whatever the scenario, the data controller will be responsible for the security of data in the cloud.

 

NEW QUESTION 163
Metrics which govern the contractual obligations of cloud service are found in:

  • A. Service Level Agreements (SLA)
  • B. Operational Level Agreement (OLA)
  • C. Contract itself
  • D. Service Book

Answer: A

Explanation:
The SLA is the list of defined, specific, numerical metrics that will be used to determine whether the provider is sufficiently meeting the contract terms during each period of performance.

 

NEW QUESTION 164
Why is a service type of network typically isolated on different hardware?

  • A. It manages resource pools for cloud consumers
  • B. It manages the traffic between other networks
  • C. It requires distinct access controls
  • D. It has distinct functions from other networks
  • E. It requires unique security

Answer: B

 

NEW QUESTION 165
______ refers to the deeper integration of development and operations teams through better collaboration and communications, with a heavy focus on automating application deployment and infrastructure operations?

  • A. DevOps
  • B. Automation
  • C. SysOps
  • D. Chef

Answer: A

Explanation:
That's how DevOps is referred to.

 

NEW QUESTION 166
Your cloud and on-premises infrastructures should always use the same network address ranges.

  • A. True
  • B. False

Answer: B

 

NEW QUESTION 167
Which of the following is not an abuse or misuse of cloud services?

  • A. Data Deletion
  • B. Launching DDoS Attacks
  • C. Email Spam
  • D. Phishing campaigns

Answer: A

Explanation:
Please note and understand the meaning of the phrase "abuse or misuse of cloud services". This phrase means launching attacks or campaigns by using the cloud as a platform, mostly the public cloud.

 

NEW QUESTION 168
What is known as a code execution environment running within an operating system that shares and uses the resources of the operating system?

  • A. Virtual machine
  • B. Pod
  • C. Abstraction
  • D. Platform-based Workload
  • E. Container

Answer: E

 

NEW QUESTION 169
What is the process to determine any weaknesses in the application and the potential ingress, egress, and actors involved before the weakness is introduced to production?

  • A. Threat Modelling
  • B. Threat Detection
  • C. Vulnerability Assessment
  • D. STRIDE

Answer: A

Explanation:
Threat modelling is performed once an application design is created. The goal of threat modelling is to determine any weaknesses in the application and the potential ingress, egress, and actors involved before the weakness is introduced to production. It is the overall attack surface that is amplified by the cloud, and the threat model has to take that into account.

 

NEW QUESTION 170
......

