Month End Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

CCSK Exam Dumps - Certificate of Cloud Security Knowledge (CCSK v5.0)

Go to page:
Question # 17

Which statement best describes the impact of Cloud Computing on business continuity management?

A.

A general lack of interoperability standards means that extra focus must be placed on the security aspects of migration between Cloud providers.

B.

The size of data sets hosted at a Cloud provider can present challenges if migration to another provider becomes necessary.

C.

Customers of SaaS providers in particular need to mitigate the risks of application lock-in.

D.

Clients need to do business continuity planning due diligence in case they suddenly need to switch providers.

E.

Geographic redundancy ensures that Cloud Providers provide highly available services.

Full Access
Question # 18

What item below allows disparate directory services and independent security domains to be interconnected?

A.

Coalition

B.

Cloud

C.

Intersection

D.

Union

E.

Federation

Full Access
Question # 19

CCM: A hypothetical company called: “Health4Sure” is located in the United States and provides cloud based services for tracking patient health. The company is compliant with HIPAA/HITECH Act among other industry standards. Health4Sure decides to assess the overall security of their cloud service against the CCM toolkit so that they will be able to present this document to potential clients.

Which of the following approach would be most suitable to assess the overall security posture of Health4Sure’s cloud service?

A.

The CCM columns are mapped to HIPAA/HITECH Act and therefore Health4Sure could verify the CCM controls already covered ad a result of their compliance with HIPPA/HITECH Act. They could then assess the remaining controls. This approach will save time.

B.

The CCM domain controls are mapped to HIPAA/HITECH Act and therefore Health4Sure could verify the CCM controls already covered as a result of their compliance with HIPPA/HITECH Act. They could then assess the remaining controls thoroughly. This approach saves time while being able to assess the company’s overall security posture in an efficient manner.

C.

The CCM domains are not mapped to HIPAA/HITECH Act. Therefore Health4Sure should assess the security posture of their cloud service against each and every control in the CCM. This approach will allow a thorough assessment of the security posture.

Full Access
Question # 20

ENISA: Which is not one of the five key legal issues common across all scenarios:

A.

Data protection

B.

Professional negligence

C.

Globalization

D.

Intellectual property

E.

Outsourcing services and changes in control

Full Access
Question # 21

What can be implemented to help with account granularity and limit

blast radius with laaS an PaaS?

A.

Configuring secondary authentication

B.

Establishing multiple accounts

C.

Maintaining tight control of the primary account holder credentials

D.

Implementing least privilege accounts

E.

Configuring role-based authentication

Full Access
Question # 22

Any given processor and memory will nearly always be running multiple workloads, often from different tenants.

A.

False

B.

True

Full Access
Question # 23

Which of the following is NOT normally a method for detecting and preventing data migration into the cloud?

A.

Intrusion Prevention System

B.

URL filters

C.

Data Loss Prevention

D.

Cloud Access and Security Brokers (CASB)

E.

Database Activity Monitoring

Full Access
Question # 24

CCM: In the CCM tool, ais a measure that modifies risk and includes any process, policy, device, practice or any other actions which modify risk.

A.

Risk Impact

B.

Domain

C.

Control Specification

Full Access
Go to page: