
Latest [Sep 13, 2021] Cloud Security Alliance CCSK Exam Practice Test To Gain Brilliante Result [Q133-Q158]



Take a Leap Forward in Your Career by Earning Cloud Security Alliance CCSK

NEW QUESTION 133
Which one of the following is an example of misuse or abuse of cloud services?

  • A. XSS attacks
  • B. DDoS Attack
  • C. Honeypot
  • D. Account Hijacking

Answer: B

Explanation:
Public cloud platforms can be used to launch DDoS attacks on other platforms.
Note the meaning of the phrase "abuse or misuse of cloud services": it means launching attacks or campaigns using the cloud, mostly the public cloud, as a platform.


NEW QUESTION 134
Which is the primary tool for governance in a cloud computing environment?

  • A. Operational level Agreement
  • B. Governance memo
  • C. Service Level Agreement
  • D. Contract

Answer: A

Explanation:
Contracts: The primary tool of governance is the contract between a cloud provider and a cloud customer (this is true for public and private cloud). The contract is your only guarantee of any level of service or commitment, assuming there is no breach of contract, which tosses everything into a legal scenario. Contracts are the primary tool to extend governance into business partners and providers.
Ref: Security Guidance v4.0, Copyright 2017, Cloud Security Alliance (used for educational purpose here)


NEW QUESTION 135
The risk left in any system after all countermeasures and strategies have been applied is called:

  • A. Annualised Risk
  • B. Residual Risk
  • C. Leftover risk
  • D. Mitigated Risk

Answer: B

Explanation:
That is the definition of residual risk.


NEW QUESTION 136
In a cloud environment, "unclear roles & responsibilities" and "no control over the vulnerability process" on the part of the cloud customer can lead to:

  • A. Lack of Disaster Recovery
  • B. Loss of Governance
  • C. Denial of Service Attacks
  • D. Poor management of cloud Infrastructure

Answer: B

Explanation:
It can lead to loss of governance.
In using cloud infrastructures, the client necessarily cedes control to the cloud service provider (CSP) on several issues which may affect security.
The loss of governance and control could have a potentially severe impact on the organization's strategy and therefore on the capacity to meet its mission and goals. The loss of control and governance could lead to the impossibility of complying with the security requirements, a lack of confidentiality, integrity and availability of data, and a deterioration of performance and quality of service, not to mention the introduction of compliance challenges.
Source: ENISA - Security Risk and Benefits


NEW QUESTION 137
Which of the following authentication methods is the most secure?

  • A. Password Authentication
  • B. Single Sign-on
  • C. Multifactor Authentication
  • D. Biometric Authentication

Answer: C

Explanation:
Multifactor authentication is more secure than the rest because it has more than one aspect to authentication. Multifactor authentication is composed of, at a minimum, two of the following aspects: something you know, something you are, or something you have. Something you know can be a password, passphrase, and so on. Something you have can be something like a number-generating fob, a smartphone capable of receiving text messages, or even a phone that can receive a call and then transmit a number to the individual, but that is only accessible from a very specific phone number.
Something you are is a biometric trait of yourself, as a living creature. This could be as unique and specific as your DNA fingerprint, or as cursorily general as a photograph.


NEW QUESTION 138
When creating business strategies for cloud migration, which is the most important aspect?

  • A. Choosing the right auditor
  • B. Evaluating current staff for their capabilities
  • C. Hiring a cloud broker
  • D. Due Diligence when inspecting technologies and choosing cloud provider

Answer: D

Explanation:
Due diligence is the most important aspect when considering adoption of the cloud.


NEW QUESTION 139
In which service model does the cloud service provider have the least responsibility?

  • A. IaaS
  • B. SaaS
  • C. PaaS
  • D. XaaS

Answer: A

Explanation:
In the IaaS service model, the CSP is responsible only for the physical infrastructure.


NEW QUESTION 140
Which of the following is NOT a component of Software Defined Perimeter as defined by Cloud Security Alliance Working group on SDP?

  • A. SDP Client
  • B. SDP Gateway
  • C. SDP Host
  • D. SDP Controller

Answer: C

Explanation:
The CSA Software Defined Perimeter Working Group has developed a model and specification that combines device and user authentication to dynamically provision network access to resources and enhance security. SDP includes three components:
* An SDP client on the connecting asset (e.g. a laptop).
* The SDP controller for authenticating and authorizing SDP clients and configuring the connections to SDP gateways.
* The SDP gateway for terminating SDP client network traffic and enforcing policies in communication with the SDP controller.
Reference: CSA Security Guidelines V.4 (reproduced here for the educational purpose)


NEW QUESTION 141
Which of the following establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) in accordance with the privacy principles in ISO/IEC 29100 for the public cloud computing environment?

  • A. ISO 27017
  • B. ISO 27032
  • C. ISO 27034
  • D. ISO 27018

Answer: D

Explanation:
ISO/IEC 27018:2014 establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) in accordance with the privacy principles in ISO/IEC 29100 for the public cloud computing environment.


NEW QUESTION 142
______ refers to the deeper integration of development and operations teams through better collaboration and communications, with a heavy focus on automating application deployment and infrastructure operations?

  • A. SysOps
  • B. DevOps
  • C. Chef
  • D. Automation

Answer: B

Explanation:
That is how DevOps is defined.


NEW QUESTION 143
The inability of a customer to leave, migrate, or transfer to an alternate cloud service provider because of technical or non-technical constraints is known as:

  • A. Vendor Lock
  • B. Vendor Limit
  • C. Vendor lock-out
  • D. Vendor lock-in

Answer: D

Explanation:
Vendor lock-in is a situation in which a customer using a product or service cannot easily transition to a competitor's product or service. Vendor lock-in is usually the result of proprietary technologies that are incompatible with those of competitors.


NEW QUESTION 144
ENISA: Lock-in is ranked as a high risk in ENISA research. A key underlying vulnerability causing lock-in is:

  • A. Lack of information on jurisdictions
  • B. Unclear asset ownership
  • C. Audit or certification not available to customers
  • D. No source escrow agreement
  • E. Lack of completeness and transparency in terms of use

Answer: E


NEW QUESTION 145
One of the purposes of incident response is to minimize the adverse impact on business organizations.

  • A. True
  • B. False

Answer: A


NEW QUESTION 146
Which of the following is NOT a key cloud computing characteristic?

  • A. Metered pricing
  • B. On Demand self service
  • C. Broad Network Access
  • D. Metered servicing

Answer: D

Explanation:
Often this type of question looks simple, but confusion is created and you need to be careful when picking the right option. In our case, metered pricing and metered servicing look similar, but metered pricing is one of the characteristics of cloud computing.


NEW QUESTION 147
Use elastic servers when possible and move workloads to new instances.

  • A. True
  • B. False

Answer: A


NEW QUESTION 148
What defines the ease of moving and reusing application components regardless of the provider, platform, OS, infrastructure, location, storage, format of data or APIs, how well applications work together, and how well new applications work with other solutions present in the business, organization, or provider's existing architecture?

  • A. Interoperability
  • B. Portability
  • C. Scalability
  • D. Elasticity

Answer: A

Explanation:
Interoperability is an important characteristic.
Definition: Interoperability
Interoperability is the ability of a system or a product to work with other systems or products without special effort on the part of the customer.


NEW QUESTION 149
Under the new EU data protection rules, data destruction and corruption of personal data:

  • A. does not guarantee damages that can be claimed by the cloud customer.
  • B. does not need notification but cloud service provider is legally liable
  • C. are considered forms of data breaches and require notification
  • D. does not attract any additional penalty

Answer: C

Explanation:
They are considered forms of data breaches and require notification. Further, the cloud customer is legally liable.


NEW QUESTION 150
Which of the following type of risk assessment most effectively supports cost-benefit analyses of alternative risk responses or courses of action?

  • A. Qualitative Analysis
  • B. Quantitative Analysis
  • C. Outsourced risk analysis
  • D. Third party Risk Analysis

Answer: B

Explanation:
Quantitative assessments typically employ a set of methods, principles, or rules for assessing risk based on the use of numbers. This type of assessment most effectively supports cost-benefit analyses of alternative risk responses or courses of action.


NEW QUESTION 151
Which of the following functions maps to all the phases of the data security lifecycle?

  • A. Read/Access
  • B. Process
  • C. Destroy
  • D. Store

Answer: A

Explanation:
Functions: There are three things we can do with a given datum:
* Read. View/read the data, including creating, copying, file transfers, dissemination, and other exchanges of information.
* Process. Perform a transaction on the data; update it; use it in a business processing transaction, etc.
* Store. Hold the data (in a file, database, etc.).


NEW QUESTION 152
Who is responsible for the security of the physical infrastructure and virtualization platform?

  • A. The cloud provider
  • B. It depends on the agreement
  • C. The responsibility is split equally
  • D. The majority is covered by the consumer
  • E. The cloud consumer

Answer: A


NEW QUESTION 153
Which attack surfaces, if any, does virtualization technology introduce?

  • A. All of the above
  • B. The hypervisor
  • C. Configuration and VM sprawl issues
  • D. Virtualization management components apart from the hypervisor

Answer: A


NEW QUESTION 154
What is the best way to ensure that all data has been removed from a public cloud environment including all media such as back-up tapes?

  • A. Practice Integration of Duties (IOD) so that everyone is able to delete the encrypted data.
  • B. Maintaining customer managed key management and revoking or deleting keys from the key management system to prevent the data from being accessed again.
  • C. Keep the keys stored on the client side so that they are secure and so that the users have the ability to delete their own data.
  • D. Both B and D.
  • E. Allowing the cloud provider to manage your keys so that they have the ability to access and delete the data from the main and back-up storage.

Answer: B


NEW QUESTION 155
Which of the following responsibilities can never be transferred, even during cloud adoption?

  • A. Application Development
  • B. Infrastructure
  • C. Security
  • D. Governance

Answer: D

Explanation:
The primary issue to remember when governing cloud computing is that an organization can never outsource responsibility for governance, even when using external providers. This is always true, cloud or not, but is useful to keep in mind when navigating cloud computing's concepts of shared responsibility models.
Ref: CSA Security Guidelines V4.0


NEW QUESTION 156
The characteristics and traits of an individual that, when aggregated, could reveal the identity of that person are known as:

  • A. Indirect Identifiers
  • B. Indirect identifications
  • C. Indirect Identity Marks
  • D. Indirect indicators

Answer: A

Explanation:
Indirect identifiers typically consist of demographic or socioeconomic information, dates, or events.
Although each standalone indirect identifier cannot identify the individual, the risk is that combining a number of indirect identifiers with external data can result in exposing the subject of the information.
For example, imagine a scenario in which users were able to combine search engine data, coupled with online streaming recommendations to tie back posts and recommendations to individual users on a website.


NEW QUESTION 157
Your cloud and on-premises infrastructures should always use the same network address ranges.

  • A. False
  • B. True

Answer: A


NEW QUESTION 158
......
