CCSK Exam Dumps - Certificate of Cloud Security Knowledge (CCSK v5.0)

In the Infrastructure as a Service (IaaS) model, the cloud provider delivers the basic infrastructure components such as virtual machines, storage, and networking resources. However, the customer is responsible for managing the operating system, applications, and any software configurations that run on the infrastructure. This gives the customer more control over the environment while still benefiting from the cloud provider's hardware and scalability.

The provider manages the operating system, runtime, and infrastructure, and the customer is only responsible for managing the applications. NaaS focuses on network services, not the management of operating systems and applications. The provider manages everything, including the operating system and applications, and the customer simply uses the software.

MFA enhances security by requiring multiple independent forms of authentication, making it harder for attackers to gain unauthorized access. Reference: [Security Guidance v5, Domain 5 - IAM]

Object storage is highly scalable and suitable for cloud-native applications that require durability and efficient storage of unstructured data. Reference: [CCSK Study Guide, Domain 9 - Data Storage Types]

While AI improves threat detection, it also introduces risks as attackers can use it to develop advanced attack methods. Organizations must balance these risks. Reference: [CCSK Study Guide, Domain 12 - AI and Security]

AI workloads often require isolation and strict access controls to prevent unauthorized access and safeguard sensitive data involved in machine learning processes. Reference: [CCSK Study Guide, Domain 8 - AI Workload Security]

Real-time visibility allows for monitoring container behavior during runtime, helping to identify and respond to security incidents as they occur. Reference: [Security Guidance v5, Domain 8 - Cloud Workload Security]

SLAs play a key role in cloud incident management as they define response expectations and support arrangements between CSPs and CSCs. Reference: [CCSK Study Guide, Domain 11 - Incident Response]

Multiple independent deployments help isolate workloads, reducing the potential impact of a breach by confining it to a single deployment environment. Reference: [Security Guidance v5, Domain 7 - Infrastructure & Networking]