[Q76-Q95] Use Real CCSK - 100% Cover Real Exam Questions [Oct-2021]


Dumps Brief Outline Of The CCSK Exam - PassReview

NEW QUESTION 76
According to ISO 27018, the data processor has explicit control over how CSPs are to use PII.

  • A. False
  • B. True

Answer: A

Explanation:
In ISO 27018, it is the customer who has the explicit right over how CSPs will use their information.

 

NEW QUESTION 77
In a cloud scenario, who is the data processor and who is the data controller?

  • A. Cloud Service Provider is the data controller and its customer is the data processor
  • B. Cloud Service Provider is the data processor and its customer is the data controller
  • C. Database admin is the data controller and application owner is the data processor
  • D. Neither cloud service provider nor customer is data processor or data controller.

Answer: B

Explanation:
The customer determines the ultimate purpose of the processing and decides on the outsourcing or the delegation of all or part of the concerned activities to external organizations. Therefore, the customer acts as a controller.
When the service provider supplies the means and the platform, acting on behalf of the customer, it is considered to be a data processor.

 

NEW QUESTION 78
In cloud services, risks and responsibilities are shared between the cloud provider and customer. However, which of the following holds true?

  • A. Cloud Provider liability is limited to financial responsibility
  • B. Cloud provider has ultimate legal liability for unauthorised and illicit data disclosures
  • C. Cloud Customer has ultimate legal liability for unauthorised and illicit data disclosures
  • D. Cloud Customer liability is limited to financial responsibility

Answer: C

Explanation:
In a shared responsibility model, data security is the responsibility of the cloud consumer, who is legally liable.

 

NEW QUESTION 79
Which of the following establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) in accordance with the privacy principles in ISO/IEC 29100 for the public cloud computing environment?

  • A. ISO 27017
  • B. ISO 27032
  • C. ISO 27034
  • D. ISO 27018

Answer: D

Explanation:
ISO/IEC 27018:2014 establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) in accordance with the privacy principles in ISO/IEC 29100 for the public cloud computing environment.

 

NEW QUESTION 80
Which of the following is the key difference between cloud computing and traditional virtualization?

  • A. Abstraction
  • B. Orchestration
  • C. Isolation
  • D. Classification

Answer: B

Explanation:
Orchestration is the difference between cloud computing and traditional virtualization; virtualization abstracts resources, but it typically lacks the orchestration to pool them together and deliver them to customers on demand, instead relying on manual processes.
Ref: CSA Security Guidelines V4.0

 

NEW QUESTION 81
The amount of risk that the leadership and stakeholders of an organization are willing to accept is known as:

  • A. Residual Risk
  • B. Risk Residual
  • C. Risk Tolerance
  • D. Risk Acceptance

Answer: C

Explanation:
Risk tolerance is the amount of risk that the leadership and stakeholders of an organization are willing to accept. It varies by asset, and you shouldn't make a blanket risk decision about a particular provider; rather, assessments should align with the value and requirements of the assets.
Ref: Security Guidance v4.0, Copyright 2017, Cloud Security Alliance (used for educational purposes here)

 

NEW QUESTION 82
No policy on resource capping can lead to:

  • A. Resource manipulation
  • B. Data disclosure
  • C. Data manipulation
  • D. Resource Exhaustion

Answer: D

Explanation:
It can lead to resource exhaustion if you do not put an upper limit on resource allocation.
Cloud services are on-demand. Therefore, there is a level of calculated risk in allocating all the resources of a cloud service, because resources are allocated according to statistical projections. Inaccurate modelling of resource usage: common resource allocation algorithms are vulnerable to distortions of fairness.

 

NEW QUESTION 83
Which governance domain deals with evaluating how cloud computing affects compliance with internal security policies and various legal requirements, such as regulatory and legislative?

  • A. Compliance and Audit Management
  • B. Legal Issues: Contracts and Electronic Discovery
  • C. Infrastructure Security
  • D. Governance and Enterprise Risk Management
  • E. Information Governance

Answer: A

 

NEW QUESTION 84
Database as a Service is an example of:

  • A. Software as a Service (SaaS)
  • B. Program as a Service (PaaS)
  • C. Platform as a Service (PaaS)
  • D. Infrastructure as a Service (IaaS)

Answer: C

Explanation:
One option, frequently seen in the real world and illustrated in our model, is to build a platform on top of IaaS. A layer of integration and middleware is built on IaaS, then pooled together, orchestrated, and exposed to customers using APIs as PaaS. For example, a Database as a Service could be built by deploying modified database management system software on instances running in IaaS. The customer manages the database via API (and a web console) and accesses it either through the normal database network protocols, or, again, via API.
Ref: CSA Security Guidelines V4.0

 

NEW QUESTION 85
One key focus of the ISO 27001 standard is:

  • A. Find the data breaches in the organization
  • B. Develop ISMS (Information Security Management System)
  • C. Put security controls in place
  • D. Define organizational structure

Answer: B

Explanation:
ISO/IEC 27001 is the best-known standard in the family providing requirements for an information security management system (ISMS).
An ISMS is a systematic approach to managing sensitive company information so that it remains secure.
It includes people, processes and IT systems by applying a risk management process.

 

NEW QUESTION 86
Single cloud assets are typically less resilient than in the case of traditional infrastructure.

  • A. True
  • B. False

Answer: A

Explanation:
Cloud platforms can be incredibly resilient, but single cloud assets are typically less resilient than in the case of traditional infrastructure. This is due to the inherently greater fragility of virtualized resources running in highly complex environments.
Reference: CSA Security Guidelines V.4 (reproduced here for educational purposes)

 

NEW QUESTION 87
How does virtualized storage help avoid data loss if a drive fails?

  • A. Drives are backed up, swapped, and archived constantly
  • B. Multiple copies in different locations
  • C. Data loss is unavoidable with drive failures
  • D. Full backups weekly
  • E. Incremental backups daily

Answer: B

 

NEW QUESTION 88
Which of the following types of risk assessment most effectively supports cost-benefit analyses of alternative risk responses or courses of action?

  • A. Qualitative Analysis
  • B. Quantitative Analysis
  • C. Outsourced risk analysis
  • D. Third party Risk Analysis

Answer: B

Explanation:
Quantitative assessments typically employ a set of methods, principles, or rules for assessing risk based on the use of numbers. This type of assessment most effectively supports cost-benefit analyses of alternative risk responses or courses of action.

 

NEW QUESTION 89
An important consideration when performing a remote vulnerability test of a cloud-based application is to:

  • A. Obtain provider permission for test
  • B. Use application layer testing tools exclusively
  • C. Schedule vulnerability test at night
  • D. Use network layer testing tools exclusively
  • E. Use techniques to evade cloud provider's detection systems

Answer: A


 

NEW QUESTION 90
Exploitable bugs in programs that attackers can use to infiltrate a computer system for the purpose of stealing data, taking control of the system or disrupting service operations, are called:

  • A. Honeypots
  • B. Threat Agents
  • C. Vulnerabilities
  • D. Threats

Answer: C

 

NEW QUESTION 91
What is the key benefit provided to the customer in the Infrastructure as a Service model?

  • A. Transfer of cost of ownership
  • B. Scalability
  • C. Reduction of Risk
  • D. Governance

Answer: A

Explanation:
Transfer of cost of ownership is the key benefit of the IaaS model.

 

NEW QUESTION 92
Which of the following is a key consideration in data security but does not feature in the Data Security Lifecycle?

  • A. Storage Device
  • B. Storage protocol
  • C. Storage Location
  • D. Access Method

Answer: C

Explanation:
The lifecycle represents the phases information passes through but doesn't address its location or how it is accessed.

 

NEW QUESTION 93
Which of the following is not an abuse or misuse of cloud services?

  • A. Email Spam
  • B. Data Deletion
  • C. Launching DDoS Attacks
  • D. Phishing campaigns

Answer: B

Explanation:
Note the meaning of the phrase "abuse or misuse of cloud services": it means launching attacks or campaigns by using the cloud, mostly public cloud, as a platform.

 

NEW QUESTION 94
The characteristics and traits of an individual that, when aggregated, could reveal the identity of that person are known as:

  • A. Indirect Identifiers
  • B. Indirect identifications
  • C. Indirect Identity Marks
  • D. Indirect indicators

Answer: A

Explanation:
Indirect identifiers typically consist of demographic or socioeconomic information, dates, or events.
Although each standalone indirect identifier cannot identify the individual, the risk is that combining a number of indirect identifiers with external data can result in exposing the subject of the information.
For example, imagine a scenario in which users were able to combine search engine data, coupled with online streaming recommendations to tie back posts and recommendations to individual users on a website.

 

NEW QUESTION 95
......
