CCSK Questions
Create, Store, Use, Share, Archive, Destroy - CORRECT ANSWERWhich is the correct sequence of Cloud
Datalife cycle phases?
Customer - CORRECT ANSWERSecurity Governance, Risk and Compliance(GRC) is, generally,
responsibility of which of the following across all the platforms (IaaS, PaaS and SaaS)?
ISO 27005 - CORRECT ANSWERWhich of the standards is related to risk management?
Measured service - CORRECT ANSWER"Resource usage can be monitored, controlled, and reported,
providing transparency for both the provider and consumer of the utilized service. " Which of the
following characteristics defines this?
Federation - CORRECT ANSWERWhich is the primary tool used to manage identity and access
management of resources spread across hundreds of different clouds and resources?
OWASP - CORRECT ANSWERWhich is the leading industry leading standard you will recommend to a
web developer when designing web application or an API for a cloud solution?
On the instance attached to the system - CORRECT ANSWERWhere does the encryption engine and key
reside when doing file-level encryption?
Metastructure - CORRECT ANSWERThe management plane controls and configures the:
People - CORRECT ANSWERWhich of the following pose the biggest risk in the organization?
, Lack of transparency in terms of use - CORRECT ANSWERWhich of the following can lead to vendor lock-
in?
IaaS - CORRECT ANSWERln which of the following cloud service models is the customer required to
maintain the operating system?
Software Defined Networks - CORRECT ANSWERWhich of the following adds abstraction layer on top of
networking hardware and decouples network control plane from the data plane?
Application Programming Interfaces (API) - CORRECT ANSWERWhich of the following are
communications method for components within a cloud, some of which (or an entirely different set) are
exposed to the cloud user to manage their resources and configurations?
Isolation Failure - CORRECT ANSWERMulti-tenancy and shared resources are defining characteristics of
cloud computing. However, mechanisms separating storage, memory, routing may fail due to several
reasons. What risk are we talking about?
Technology Audit Program - CORRECT ANSWERWhich one of the following is NOT a level of CSA star
program?
Storage Location - CORRECT ANSWERWhich of the following is a key consideration in Data security but
does not feature in Data Security Life cycle?
SaaS - CORRECT ANSWERWhich of the cloud service model has least maintenance or administration
from a cloud customer perspective?
ISO 27018 - CORRECT ANSWERWhich standard offers guidelines for information security controls
applicable to the provision and use of cloud services?
Create, Store, Use, Share, Archive, Destroy - CORRECT ANSWERWhich is the correct sequence of Cloud
Datalife cycle phases?
Customer - CORRECT ANSWERSecurity Governance, Risk and Compliance(GRC) is, generally,
responsibility of which of the following across all the platforms (IaaS, PaaS and SaaS)?
ISO 27005 - CORRECT ANSWERWhich of the standards is related to risk management?
Measured service - CORRECT ANSWER"Resource usage can be monitored, controlled, and reported,
providing transparency for both the provider and consumer of the utilized service. " Which of the
following characteristics defines this?
Federation - CORRECT ANSWERWhich is the primary tool used to manage identity and access
management of resources spread across hundreds of different clouds and resources?
OWASP - CORRECT ANSWERWhich is the leading industry leading standard you will recommend to a
web developer when designing web application or an API for a cloud solution?
On the instance attached to the system - CORRECT ANSWERWhere does the encryption engine and key
reside when doing file-level encryption?
Metastructure - CORRECT ANSWERThe management plane controls and configures the:
People - CORRECT ANSWERWhich of the following pose the biggest risk in the organization?
, Lack of transparency in terms of use - CORRECT ANSWERWhich of the following can lead to vendor lock-
in?
IaaS - CORRECT ANSWERln which of the following cloud service models is the customer required to
maintain the operating system?
Software Defined Networks - CORRECT ANSWERWhich of the following adds abstraction layer on top of
networking hardware and decouples network control plane from the data plane?
Application Programming Interfaces (API) - CORRECT ANSWERWhich of the following are
communications method for components within a cloud, some of which (or an entirely different set) are
exposed to the cloud user to manage their resources and configurations?
Isolation Failure - CORRECT ANSWERMulti-tenancy and shared resources are defining characteristics of
cloud computing. However, mechanisms separating storage, memory, routing may fail due to several
reasons. What risk are we talking about?
Technology Audit Program - CORRECT ANSWERWhich one of the following is NOT a level of CSA star
program?
Storage Location - CORRECT ANSWERWhich of the following is a key consideration in Data security but
does not feature in Data Security Life cycle?
SaaS - CORRECT ANSWERWhich of the cloud service model has least maintenance or administration
from a cloud customer perspective?
ISO 27018 - CORRECT ANSWERWhich standard offers guidelines for information security controls
applicable to the provision and use of cloud services?
