CCSK EXAM QUESTIONS
AND ANSWERS ALL
CORRECT
What is on-demand self-service? - Answer- When consumers can provision computing
capabilities without human interaction with a CSP
What is broad network access? - Answer- resources hosted in a cloud network that are
available for access from a wide range of devices, such as tablets, PCs, Macs and
smartphones
The entitlement process should address these four things: - Answer- 1. What attributes
are required
2. the source of the attributes
3. the org that will provide them
4. the level of trust at which the attributes can be asserted
Key issues with provisioning: - Answer- - The link to Human Resources (or the
authoritative source of person-user information) is problematic as HR is often only the
master source for staff on regular payroll.
- There are usually no authoritative information sources for partner information and their
devices.
- The ability to provision other entities (particularly organizations and devices) does not
exist in most organizations.
- Public Identity services generally only provide self-asserted Identity and only about
people; it does not extend to the other Entity types.
- De-provisioning needs to extend to all entities, thus most organizations do not have
the ability to off-board another organization when the contract finishes or revoke code
from operating on systems when it is found to be faulty or obsolete.
Which is the most important phase of the IR Life Cycle? - Answer- Preparation
What is the most important part of a strong IR plan? - Answer- Testing and simulation;
the results should then be incorporated back into the plan to increase effectiveness
,What type of info should be logged for a good IR plan? (know examples of each) -
Answer- - audit logs
- error logs
- security-specific logs
- performance logs
How does the dynamic nature of cloud challenge IR? - Answer- - new resources are
added unpredictably and can make quick integration with logging tough
- it can be hard to track who performs what changes when there are a large number of
VMs accessing any particular environment
How does the dispersed nature of cloud challenge IR logging? - Answer- - Different
physical jurisdictions might have different logging rules
Identity as a Service (IDaaS) - Answer- encompasses the software, platform, or
infrastructure services for both public and private solutions
Things to consider around laws and regulations: - Answer- - all countries of the data
subjects
- the country where the org operates
- countries where the org has legal entities / lists on a stock exchange
- countries where data is physically stored
- laws and regulations for all these countries
ITU X.805 - Answer- Security architecture for systems providing end-to-end
communications
Homomorphic Encryption - Answer- he conversion of data into ciphertext that can be
analyzed and worked with as if it were still in its original form; this allows orgs to take
advantage of cloud computing benefits (complex analytics and computations) while still
keeping data encrypted
Review key IAM terms following this link: - Answer- https://solutionsreview.com/identity-
management/identity-management-glossary/
What NIST publication is focused on cloud computing? - Answer- NIST 800-145
Cloud computing is defined by describing: - Answer- - 5 (6) essential characteristics
- 3 cloud service models
- 4 cloud deployment models
5 (7) essential characteristics of cloud computing - Answer- 1. broad network access
2. rapid elasticity
3. measured service
4. on-demand service
, 5. resource pooling
(6). multi-tenancy
(7). used with virtualization tech
3 cloud service models - Answer- 1. SaaS
2. PaaS
3. IaaS
4 cloud deployment models - Answer- 1. public
2. private
3. community
4. hybrid
multi-tenancy - Answer- When the same resources or applications are used by multiple
users
public cloud characteristics - Answer- - owned by the CSP and made available to the
public
owned: 3rd party
managed: 3rd party
located: off-premise
consumed by: untrusted consumers
private cloud characteristics - Answer- - operated for a single org
owned: the org
managed: the org
located: on-premise
consumed by: trusted consumers
community cloud characteristics - Answer- - shared by several orgs that share a
common goal
owned: 3rd party
managed: 3rd party
located: off-premise
consumed by: trusted consumers
hybrid cloud characteristics - Answer- - composition of two or more clouds that remain
unique but bound together
owned: both
managed: both
located: both
consumed by: both
Jericho cloud cube model - Answer- A 3-D cube matrix used to differentiate between
different cloud formations (KNOW THIS)
AND ANSWERS ALL
CORRECT
What is on-demand self-service? - Answer- When consumers can provision computing
capabilities without human interaction with a CSP
What is broad network access? - Answer- resources hosted in a cloud network that are
available for access from a wide range of devices, such as tablets, PCs, Macs and
smartphones
The entitlement process should address these four things: - Answer- 1. What attributes
are required
2. the source of the attributes
3. the org that will provide them
4. the level of trust at which the attributes can be asserted
Key issues with provisioning: - Answer- - The link to Human Resources (or the
authoritative source of person-user information) is problematic as HR is often only the
master source for staff on regular payroll.
- There are usually no authoritative information sources for partner information and their
devices.
- The ability to provision other entities (particularly organizations and devices) does not
exist in most organizations.
- Public Identity services generally only provide self-asserted Identity and only about
people; it does not extend to the other Entity types.
- De-provisioning needs to extend to all entities, thus most organizations do not have
the ability to off-board another organization when the contract finishes or revoke code
from operating on systems when it is found to be faulty or obsolete.
Which is the most important phase of the IR Life Cycle? - Answer- Preparation
What is the most important part of a strong IR plan? - Answer- Testing and simulation;
the results should then be incorporated back into the plan to increase effectiveness
,What type of info should be logged for a good IR plan? (know examples of each) -
Answer- - audit logs
- error logs
- security-specific logs
- performance logs
How does the dynamic nature of cloud challenge IR? - Answer- - new resources are
added unpredictably and can make quick integration with logging tough
- it can be hard to track who performs what changes when there are a large number of
VMs accessing any particular environment
How does the dispersed nature of cloud challenge IR logging? - Answer- - Different
physical jurisdictions might have different logging rules
Identity as a Service (IDaaS) - Answer- encompasses the software, platform, or
infrastructure services for both public and private solutions
Things to consider around laws and regulations: - Answer- - all countries of the data
subjects
- the country where the org operates
- countries where the org has legal entities / lists on a stock exchange
- countries where data is physically stored
- laws and regulations for all these countries
ITU X.805 - Answer- Security architecture for systems providing end-to-end
communications
Homomorphic Encryption - Answer- he conversion of data into ciphertext that can be
analyzed and worked with as if it were still in its original form; this allows orgs to take
advantage of cloud computing benefits (complex analytics and computations) while still
keeping data encrypted
Review key IAM terms following this link: - Answer- https://solutionsreview.com/identity-
management/identity-management-glossary/
What NIST publication is focused on cloud computing? - Answer- NIST 800-145
Cloud computing is defined by describing: - Answer- - 5 (6) essential characteristics
- 3 cloud service models
- 4 cloud deployment models
5 (7) essential characteristics of cloud computing - Answer- 1. broad network access
2. rapid elasticity
3. measured service
4. on-demand service
, 5. resource pooling
(6). multi-tenancy
(7). used with virtualization tech
3 cloud service models - Answer- 1. SaaS
2. PaaS
3. IaaS
4 cloud deployment models - Answer- 1. public
2. private
3. community
4. hybrid
multi-tenancy - Answer- When the same resources or applications are used by multiple
users
public cloud characteristics - Answer- - owned by the CSP and made available to the
public
owned: 3rd party
managed: 3rd party
located: off-premise
consumed by: untrusted consumers
private cloud characteristics - Answer- - operated for a single org
owned: the org
managed: the org
located: on-premise
consumed by: trusted consumers
community cloud characteristics - Answer- - shared by several orgs that share a
common goal
owned: 3rd party
managed: 3rd party
located: off-premise
consumed by: trusted consumers
hybrid cloud characteristics - Answer- - composition of two or more clouds that remain
unique but bound together
owned: both
managed: both
located: both
consumed by: both
Jericho cloud cube model - Answer- A 3-D cube matrix used to differentiate between
different cloud formations (KNOW THIS)
