Month End Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

CCSK Exam Dumps - Certificate of Cloud Security Knowledge (CCSK v5.0)

Go to page:
Question # 33

ENISA: “VM hopping” is:

A.

Improper management of VM instances, causing customer VMs to be commingled with other customer systems.

B.

Looping within virtualized routing systems.

C.

Lack of vulnerability management standards.

D.

Using a compromised VM to exploit a hypervisor, used to take control of other VMs.

E.

Instability in VM patch management causing VM routing errors.

Full Access
Question # 34

The containment phase of the incident response lifecycle requires taking systems offline.

A.

False

B.

True

Full Access
Question # 35

What is a core tenant of risk management?

A.

The provider is accountable for all risk management.

B.

You can manage, transfer, accept, or avoid risks.

C.

The consumers are completely responsible for all risk.

D.

If there is still residual risk after assessments and controls are in

place, you must accept the risk.

E.

Risk insurance covers all financial losses, including loss of

customers.

Full Access
Question # 36

When deploying Security as a Service in a highly regulated industry or environment, what should both parties agree on in advance and include in the SLA?

A.

The metrics defining the service level required to achieve regulatory objectives.

B.

The duration of time that a security violation can occur before the client begins assessing regulatory fines.

C.

The cost per incident for security breaches of regulated information.

D.

The regulations that are pertinent to the contract and how to circumvent them.

E.

The type of security software which meets regulations and the number of licenses that will be needed.

Full Access
Question # 37

What does it mean if the system or environment is built automatically from a template?

A.

Nothing.

B.

It depends on how the automation is configured.

C.

Changes made in production are overwritten by the next code or template change.

D.

Changes made in test are overwritten by the next code or template change.

E.

Changes made in production are untouched by the next code or template change.

Full Access
Question # 38

Network logs from cloud providers are typically flow records, not full packet captures.

A.

False

B.

True

Full Access
Question # 39

CCM: A company wants to use the IaaS offering of some CSP. Which of the following options for using CCM is NOT suitable for the company as a cloud customer?

A.

Submit the CCM on behalf of the CSP to CSA Security, Trust & Assurance Registry (STAR), a free, publicly accessible registry that documents the security controls provided by CSPs

B.

Use CCM to build a detailed list of requirements and controls that they want their CSP to implement

C.

Use CCM to help assess the risk associated with the CSP

D.

None of the above

Full Access
Question # 40

CCM: The following list of controls belong to which domain of the CCM?

GRM 06 – Policy GRM 07 – Policy Enforcement GRM 08 – Policy Impact on Risk Assessments GRM 09 – Policy Reviews GRM 10 – Risk Assessments GRM 11 – Risk Management Framework

A.

Governance and Retention Management

B.

Governance and Risk Management

C.

Governing and Risk Metrics

Full Access
Go to page: