New 2024 Realistic Free Cloud Security Alliance CCSK Exam Dump Questions & Answer [Q52-Q75]

NEW QUESTION 52
Which of the following processes plays a major role in managing system vulnerabilities?

Capacity Management

Patch Management

Incident Management

Release Management

NEW QUESTION 53
Logs, documentation, and other materials needed for audits and compliance and often serve as evidence of compliance activities are known as:

Log Trail

Documented Evidence

Proof of Audit

Artifacts

NEW QUESTION 54
Which statement best describes the impact of Cloud Computing on business continuity management?

A general lack of interoperability standards means that extra focus must be placed on the security aspects of migration between Cloud providers.

The size of data sets hosted at a Cloud provider can present challenges if migration to another provider becomes necessary.

Customers of SaaS providers in particular need to mitigate the risks of application lock-in.

Clients need to do business continuity planning due diligence in case they suddenly need to switch providers.

Geographic redundancy ensures that Cloud Providers provide highly available services.

NEW QUESTION 55
The example of two administrators required to complete an operation in cloud is an example of:

Conflict of interest

Mandy

Separy

Collaborative effons

NEW QUESTION 56
Which is the primary tool used to manage identity and access management of resources spread across hundreds of different clouds and resources?

Active Directory

Federation

SAML 2.0

Entitlement Matrix

NEW QUESTION 57
What are the primary security responsibilities of the cloud provider in the management infrastructure?

Building and properly configuring a secure network infrastructure

Configuring second factor authentication across the network

Properly configuring the deployment of the virtual network, especially the firewalls

Properly configuring the deployment of the virtual network, except the firewalls

Providing as many API endpoints as possible for custom access and configurations

NEW QUESTION 58
Which of the following is not part of STRIDE model?

Spoofing

Denial of Service

Distributed Denial of Service

Elevation of Privilege

NEW QUESTION 59
What is true of security as it relates to cloud network infrastructure?

You should apply cloud firewalls on a per-network basis.

You should deploy your cloud firewalls identical to the existing firewalls.

You should always open traffic between workloads in the same virtual subnet for better visibility.

You should implement a default allow with cloud firewalls and then restrict as necessary.

You should implement a default deny with cloud firewalls.

NEW QUESTION 60
Which governance domain deals with evaluating how cloud computing affects compliance with internal
security policies and various legal requirements, such as regulatory and legislative?

Legal Issues: Contracts and Electronic Discovery

Infrastructure Security

Compliance and Audit Management

Information Governance

Governance and Enterprise Risk Management

NEW QUESTION 61
ln order to determine critical assets and processes of the organization, it must first conduct a:

Risk Assessment

Business Impact Analysis(BIA)

Datacentre monitoring

Host hardening

NEW QUESTION 62
An adversary uses a cloud Platform to launch a DDoS attack against XYZ company. This type of risk is termed as:

Malicious Insider

Data Breaches

Abuse of Cloud services

Account Hijacking

NEW QUESTION 63
CCM: In the CCM tool, a _____________________ is a measure that modifies risk and includes any process, policy, device, practice or any other actions which modify risk.

Risk Impact

Domain

Control Specification

NEW QUESTION 64
Credentials and cryptographic keys must not be embedded in source code or distributed in public facing repositories such as GitHub.

True

False

NEW QUESTION 65
The entity that has the primary relationship with an individual from whom his/her PII is collected is known as:

Data Controller

Data processor

Data custodian

Data Manager

NEW QUESTION 66
“Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms” Which of the following characterstics defines this

0n-demand self-service

Broad network access

Resource pooling

Rapid elasticity

NEW QUESTION 67
Which data security control is the LEAST likely to be assigned to an IaaS provider?

Application logic

Access controls

Encryption solutions

Physical destruction

Asset management and tracking

NEW QUESTION 68
Which of the following is true when we talk about compliance inheritance?

Cloud Service Provider’s infrastructure should be included in the customer’s compliance audit

Cloud Service Provider’s infrastructure is out of scope in the customer’s compliance audit

Everything the customer configures and builds on top of the certified services is out of sec

There is no need for compliance audit by customer since the Cloud Service Provider is already compliant.

NEW QUESTION 69
Vulnerability assessments cannot be easily integrated into CI/CD pipelines because of provider restrictions.

False

True

NEW QUESTION 70
ENISA: An example high risk role for malicious insiders within a Cloud Provider includes

Sales

Marketing

Legal counsel

Auditors

Accounting

NEW QUESTION 71
Which of the following is NOT a cloud computing characteristic that impacts incidence response?

The on demand self-service nature of cloud computing environments.

Privacy concerns for co-tenants regarding the collection and analysis of telemetry and artifacts associated with an incident.

The possibility of data crossing geographic or jurisdictional boundaries.

Object-based storage in a private cloud.

The resource pooling practiced by cloud services, in addition to the rapid elasticity offered by cloud infrastructures.

NEW QUESTION 72
An agreed-upon description of the attributes of a product. at a point in time that serves as a basis for defining change is called:

Standardization

Baseline

Trusted Module

Secured Server

NEW QUESTION 73
In ability to provide enough capacity to the cloud customer can lead to which of the following risk:

Resource Exhaustion

Data Breach

Resource Utilization

Data Dispersion

NEW QUESTION 74
When virtual machines may communicate with each other over a hardware backplane, Rather than a network, It gives rise to:

Multi-tenancy

Blind spot

DDoS

Inter VM attack

NEW QUESTION 75
A framework of containers for all components of application security. best practices. catalogued and leveraged by the ORGANIZATION is called:

ANF

ONF

CAF

DAF

Leave a Reply Cancel reply