REST APIs are the standard for web-based services because they run over HTTPS and work well across diverse environments.
A. False
B. True
Which of the following is a perceived advantage or disadvantage of managing enterprise risk for cloud deployments?
A. More physical control over assets and processes.
B. Greater reliance on contracts, audits, and assessments due to lack of visibility or management.
C. Decreased requirement for proactive management of relationship and adherence to contracts.
D. Increased need, but reduction in costs, for managing risks accepted by the cloud provider.
E. None of the above.
ENISA: A reason for risk concerns of a cloud provider being acquired is:
A. Arbitrary contract termination by acquiring company
B. Resource isolation may fail
C. Provider may change physical location
D. Mass layoffs may occur
E. Non-binding agreements put at risk
CCM: A hypothetical start-up company called "ABC" provides a cloud-based IT management solution. They are growing rapidly and therefore need to put controls in place in order to manage any changes in their production environment. Which of the following Change Control and Configuration Management production environment specific controls should they implement in this scenario?
A. Policies and procedures shall be established for managing the risks associated with applying changes to business-critical or customer (tenant)-impacting (physical and virtual) applications and system-system interface (API) designs and configurations, infrastructure network and systems components.
B. Policies and procedures shall be established, and supporting business processes and technical measures implemented, to restrict the installation of unauthorized software on organizationally-owned or managed user end-point devices (e.g. issued workstations, laptops, and mobile devices) and IT infrastructure network and systems components.
C. All cloud-based services used by the company's mobile devices or BYOD shall be pre-approved for usage and the storage of company business data.
D. None of the above
CCM: Which of the following statements about CSA's CCM and Security Guidance is False?
A. CSA's CCM provides a set of control objectives against which an organization should assess cloud security
B. CSA's Security Guidance tells you WHAT to do, the CCM tells you HOW to do it
C. CSA's Security Guidance provides a set of best practices and recommendations
D. CSA's CCM tells you WHAT to do, the Guidance tells you HOW to do it
The key concern of data backup and recovery schemes is:
A. Data aggregation should not cause breaches
B. They must prevent data loss, unwanted data overwrite and destruction
C. Assurance that cloud provider has multiple data centers for disaster recovery
D. Assurance that deleted data is in fact unrecoverable
E. Data should not be commingled with other customers
CCM: What is the role of the Scope Applicability column in the CCM?
A. It shows which architectural elements are related to a given control
B. It describes the applicability of the overall domain
C. It maps the existing industry standards to the controls in the domains
D. It describes the applicability of the controls in the domains
E. None of the above
When considering business continuity and disaster recovery with a cloud provider, which layer of the logical stack includes code and message queues?
A. Applistructure
B. Datastructure
C. Infostructure
D. Infrastructure
E. Metastructure
What is a method used to decouple the network control plane from the data plane?
A. Information Management Policies
B. Multitenancy
C. Network Intrusion Detection Systems (NIDS)
D. Software Defined Networking (SDN)
E. Virtual LANs (VLANs)
What is a benefit of application security in a cloud environment?
A. Increased application scope
B. Limited detailed visibility
C. Reduced transparency
D. Non-unified interface
E. Isolated environments