Free Certificate Of Cloud Security Knowledge Exam CCSK Exam Practice Test

What is the newer application development methodology and philosophy focused on automation of application development and deployment?

• Agile
• BusOps
• DevOps
• SecDevOps
• Scrum

To understand their compliance alignments and gaps with a cloud provider, what must cloud customers rely on?

• Provider documentation
• Provider run audits and reports
• Third-party attestations
• Provider and consumer contracts
• EDiscovery tools

Why is a service type of network typically isolated on different hardware?

• It requires distinct access controls
• It manages resource pools for cloud consumers
• It has distinct functions from other networks
• It manages the traffic between other networks
• It requires unique security

How should an SDLC be modified to address application security in a Cloud Computing environment?

• Integrated development environments
• Updated threat and trust models
• No modification is needed
• Just-in-time compilers
• Both B and C

Which of the following is a perceived advantage or disadvantage of managing enterprise risk for cloud deployments?

• More physical control over assets and processes.
• Greater reliance on contracts, audits, and assessments due to lack of visibility or management.
• Decreased requirement for proactive management of relationship and adherence to contracts.
• Increased need, but reduction in costs, for managing risks accepted by the cloud provider.
• None of the above.

Audits should be robustly designed to reflect best practice, appropriate resources, and tested protocols and standards. They should also use what type of auditors?

• Auditors working in the interest of the cloud customer
• Independent auditors
• Certified by CSA
• Auditors working in the interest of the cloud provider
• None of the above

The Software Defined Perimeter (SDP) includes which components?

• Client, Controller, and Gateway
• Client, Controller, Firewall, and Gateway
• Client, Firewall, and Gateway
• Controller, Firewall, and Gateway
• Client, Controller, and Firewall

Which of the following is NOT normally a method for detecting and preventing data migration into the cloud?

• Intrusion Prevention System
• URL filters
• Data Loss Prevention
• Cloud Access and Security Brokers (CASB)
• Database Activity Monitoring

What is a potential concern of using Security-as-a-Service (SecaaS)?

• Lack of visibility
• Deployment flexibility
• Scaling and costs
• Intelligence sharing
• Insulation of clients

ENISA: An example high risk role for malicious insiders within a Cloud Provider includes

• Sales
• Marketing
• Legal counsel
• Auditors
• Accounting