(ANSWERED) CS CYBER SECU CCSK Exam 2 |Pace
University
Your answers are shown below:
1. Identity and Access Management (IAM) includes which of the following?
● Identification, authentication and authorization
● Identification, authentication, authorization and non-repudiation
● Identification, authentication, authorization and encryption
● Identification, authentication, authorization and delegation
● Identification, authentication, authorization and deletion
Question was not answered
2. In which of the five main phases of secure application design and
development, you perform Threat Modelling?
● Training
● Define
● Design
● Develop
● Test
Question was not answered
,3. When entrusting a third party to process the data on its behalf,
who remains responsible for the collection and processing of the
data?
● Data Processor
● Data Controller
● Data Analyzer
● Data Protector
Question was not answered
4. Attestations and certifications are activities that will be valid at any future
point in time and providers must keep any published results readily available
for quick reference.
● True
● False
Question was not answered
5. The Cloud Security Alliance STAR Registry is used for which of the
following purposes?
● Used by cloud providers to document their security and compliance
controls
● List all cloud security controls mapped to multiple security standards
● To publicly release certifications and attestations
● Used by cloud providers to keep all the service contracts and
service level agreements
Question was not answered
, 6. Logs, documentation, and other materials that are needed for audits and
compliance and are used as evidence to support compliance activities are
called as-
● Audit Proof
● Audit Evidence
● Audit Trail
● Artifacts
● Log Trail
Question was not answered
7. If an attacker gets into your management plane, they have full remote
access to your entire cloud environment.
● True
● False
Question was not answered
8. Which of the following statement regarding service administrator account is
not true?
● Service administrator’s accounts are more suited for common daily use.
● Service administrator’s help compartmentalize individual sessions.
● Service administrator accounts can expose the entire deployment.
● Service administrators accounts manage parts of the service.
Question was not answered
University
Your answers are shown below:
1. Identity and Access Management (IAM) includes which of the following?
● Identification, authentication and authorization
● Identification, authentication, authorization and non-repudiation
● Identification, authentication, authorization and encryption
● Identification, authentication, authorization and delegation
● Identification, authentication, authorization and deletion
Question was not answered
2. In which of the five main phases of secure application design and
development, you perform Threat Modelling?
● Training
● Define
● Design
● Develop
● Test
Question was not answered
,3. When entrusting a third party to process the data on its behalf,
who remains responsible for the collection and processing of the
data?
● Data Processor
● Data Controller
● Data Analyzer
● Data Protector
Question was not answered
4. Attestations and certifications are activities that will be valid at any future
point in time and providers must keep any published results readily available
for quick reference.
● True
● False
Question was not answered
5. The Cloud Security Alliance STAR Registry is used for which of the
following purposes?
● Used by cloud providers to document their security and compliance
controls
● List all cloud security controls mapped to multiple security standards
● To publicly release certifications and attestations
● Used by cloud providers to keep all the service contracts and
service level agreements
Question was not answered
, 6. Logs, documentation, and other materials that are needed for audits and
compliance and are used as evidence to support compliance activities are
called as-
● Audit Proof
● Audit Evidence
● Audit Trail
● Artifacts
● Log Trail
Question was not answered
7. If an attacker gets into your management plane, they have full remote
access to your entire cloud environment.
● True
● False
Question was not answered
8. Which of the following statement regarding service administrator account is
not true?
● Service administrator’s accounts are more suited for common daily use.
● Service administrator’s help compartmentalize individual sessions.
● Service administrator accounts can expose the entire deployment.
● Service administrators accounts manage parts of the service.
Question was not answered
