CSA CCSK Certificate Of Cloud Security Knowledge Exam Exam Practice Test Questions

• Question 1

  What is known as a code execution environment running within an operating system that shares and uses the resources of the operating system?

  • Platform-based Workload
  • Pod
  • Abstraction
  • Container
  • Virtual machine

  Show Answer Answer: D Next

• Question 2

  Which governance domain focuses on proper and adequate incident detection, response,notification, and remediation?

  • Data Security and Encryption
  • Information Governance
  • Incident Response, Notification and Remediation
  • Compliance and Audit Management
  • Infrastructure Security

  Show Answer Answer: C Next

• Question 3

  An important consideration when performing a remote vulnerability test of a cloud-based application is to

  • Obtain provider permission for test
  • Use techniques to evade cloud provider’s detection systems
  • Use application layer testing tools exclusively
  • Use network layer testing tools exclusively
  • Schedule vulnerability test at night

  Show Answer Answer: A Next

• Question 4

  CCM: A hypothetical company called: “Health4Sure” is located in the United States and provides cloud based services for tracking patient health. The company is compliant with HIPAA/HITECH Act among other industry standards. Health4Sure decides to assess the overall security of their cloud service against the CCM toolkit so that they will be able to present this document to potential clients.Which of the following approach would be most suitable to assess the overall security posture of Health4Sure’s cloud service?

  • The CCM columns are mapped to HIPAA/HITECH Act and therefore Health4Sure could verify the CCM controls already covered ad a result of their compliance with HIPPA/HITECH Act. They could then assess the remaining controls. This approach will save time.
  • The CCM domain controls are mapped to HIPAA/HITECH Act and therefore Health4Sure could verify the CCM controls already covered as a result of their compliance with HIPPA/HITECH Act. They could then assess the remaining controls thoroughly. This approach saves time while being able to assess the company’s overall security posture in an efficient manner.
  • The CCM domains are not mapped to HIPAA/HITECH Act. Therefore Health4Sure should assess the security posture of their cloud service against each and every control in the CCM. This approach will allow a thorough assessment of the security posture.

  Show Answer Answer: C Next

• Question 5

  How can web security as a service be deployed for a cloud consumer?

  • By proxying or redirecting web traffic to the cloud provider
  • By utilizing a partitioned network drive
  • On the premise through a software or appliance installation
  • Both A and C
  • None of the above

  Show Answer Answer: A Next