Summer Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: geek65

CCSK Certificate of Cloud Security Knowledge v5 (CCSKv5.0) Questions and Answers

Questions 4

Which of the following is a common risk factor related to misconfiguration and inadequate change control in cybersecurity?

Options:

A.

Failure to update access controls after employee role changes

B.

Lack of sensitive data encryption

C.

Lack of 3rd party service provider specialized in patch management procedures

D.

Excessive SBOM focus

Buy Now
Questions 5

Which aspect of a Cloud Service Provider's (CSPs) infrastructure security involves protecting the interfaces used to manage configurations and resources?

Options:

A.

Management plane

B.

Virtualization layers

C.

Physical components

D.

PaaS/SaaS services

Buy Now
Questions 6

Which approach is essential in identifying compromised identities in cloud environments where attackers utilize automated methods?

Options:

A.

Focusing exclusively on signature-based detection for known malware

B.

Deploying behavioral detectors for IAM and management plane activities

C.

Implementing full packet capture and monitoring

D.

Relying on IP address and connection header monitoring

Buy Now
Questions 7

Which attack surfaces, if any, does virtualization technology introduce?

Options:

A.

The hypervisor

B.

Virtualization management components apart from the hypervisor

C.

Configuration and VM sprawl issues

D.

All of the above

Buy Now
Questions 8

Which governance domain focuses on proper and adequate incident detection, response, notification, and remediation?

Options:

A.

Data Security and Encryption

B.

Information Governance

C.

Incident Response, Notification and Remediation

D.

Compliance and Audit Management

E.

Infrastructure Security

Buy Now
Questions 9

What is the primary purpose of virtual machine (VM) image sources?

Options:

A.

To back up data within the VM

B.

To provide core components for VM images

C.

To optimize VM performance

D.

To secure the VM against unauthorized access

Buy Now
Questions 10

All cloud services utilize virtualization technologies.

Options:

A.

False

B.

True

Buy Now
Questions 11

What is a common characteristic of default encryption provided by cloud providers for data at rest?

Options:

A.

It is not available without an additional premium service

B.

It always requires the customer's own encryption keys

C.

It uses the cloud provider's keys, often at no additional cost

D.

It does not support encryption for data at rest

Buy Now
Questions 12

What is the most effective way to identify security vulnerabilities in an application?

Options:

A.

Performing code reviews of the application source code just prior to release

B.

Relying solely on secure coding practices by the developers without any testing

C.

Waiting until the application is fully developed and performing a single penetration test

D.

Conducting automated and manual security testing throughout the development

Buy Now
Questions 13

In the cloud provider and consumer relationship, which entity

manages the virtual or abstracted infrastructure?

Options:

A.

Only the cloud consumer

B.

Only the cloud provider

C.

Both the cloud provider and consumer

D.

It is determined in the agreement between the entities

E.

It is outsourced as per the entity agreement

Buy Now
Questions 14

When designing an encryption system, you should start with a threat model.

Options:

A.

False

B.

True

Buy Now
Questions 15

What are the primary security responsibilities of the cloud provider in the management infrastructure?

Options:

A.

Building and properly configuring a secure network infrastructure

B.

Configuring second factor authentication across the network

C.

Properly configuring the deployment of the virtual network, especially the firewalls

D.

Properly configuring the deployment of the virtual network, except the firewalls

E.

Providing as many API endpoints as possible for custom access and configurations

Buy Now
Questions 16

Which of the following statements best defines the "authorization" as a component of identity, entitlement, and access management?

Options:

A.

The process of specifying and maintaining access policies

B.

Checking data storage to make sure it meets compliance requirements

C.

Giving a third party vendor permission to work on your cloud solution

D.

Establishing/asserting the identity to the application

E.

Enforcing the rules by which access is granted to the resources

Buy Now
Questions 17

In volume storage, what method is often used to support resiliency and security?

Options:

A.

proxy encryption

B.

data rights management

C.

hypervisor agents

D.

data dispersion

E.

random placement

Buy Now
Questions 18

In the context of cloud security, which approach prioritizes incoming data logsfor threat detection by applying multiple sequential filters?

Options:

A.

Cascade-and-filter approach

B.

Parallel processing approach

C.

Streamlined single-filter method

D.

Unfiltered bulk analysis

Buy Now
Questions 19

Which AI workload mitigation strategy best addresses model inversion attacks that threaten data confidentiality?

Options:

A.

Secure multi-party computation

B.

Differential privacy

C.

Encryption

D.

Model hardening

Buy Now
Questions 20

Which approach is commonly used by organizations to manage identities in the cloud due to the complexity of scaling across providers?

Options:

A.

Decentralization

B.

Centralization

C.

Federation

D.

Outsourcing

Buy Now
Questions 21

Which principle reduces security risk by granting users only the permissions essential for their role?

Options:

A.

Role-Based Access Control

B.

Unlimited Access

C.

Mandatory Access Control

D.

Least-Privileged Access

Buy Now
Questions 22

Which of the following best describes compliance in the context of cybersecurity?

Options:

A.

Defining and maintaining the governance plan

B.

Adherence to internal policies, laws, regulations, standards, and best practices

C.

Implementing automation technologies to monitor the control implemented

D.

Conducting regular penetration testing as stated in applicable laws and regulations

Buy Now
Questions 23

ENISA: Which is not one of the five key legal issues common across all scenarios:

Options:

A.

Data protection

B.

Professional negligence

C.

Globalization

D.

Intellectual property

E.

Outsourcing services and changes in control

Buy Now
Questions 24

In the initial stage of implementing centralized identity management, what is the primary focus of cybersecurity measures?

Options:

A.

Developing incident response plans

B.

Integrating identity management and securing devices

C.

Implementing advanced threat detection systems

D.

Deploying network segmentation

Buy Now
Questions 25

CCM: A hypothetical company called: “Health4Sure” is located in the United States and provides cloud based services for tracking patient health. The company is compliant with HIPAA/HITECH Act among other industry standards. Health4Sure decides to assess the overall security of their cloud service against the CCM toolkit so that they will be able to present this document to potential clients.

Which of the following approach would be most suitable to assess the overall security posture of Health4Sure’s cloud service?

Options:

A.

The CCM columns are mapped to HIPAA/HITECH Act and therefore Health4Sure could verify the CCM controls already covered ad a result of their compliance with HIPPA/HITECH Act. They could then assess the remaining controls. This approach will save time.

B.

The CCM domain controls are mapped to HIPAA/HITECH Act and therefore Health4Sure could verify the CCM controls already covered as a result of their compliance with HIPPA/HITECH Act. They could then assess the remaining controls thoroughly. This approach saves time while being able to assess the company’s overall security posture in an efficient manner.

C.

The CCM domains are not mapped to HIPAA/HITECH Act. Therefore Health4Sure should assess the security posture of their cloud service against each and every control in the CCM. This approach will allow a thorough assessment of the security posture.

Buy Now
Questions 26

In the context of cloud security, what is the primary benefit of implementing Identity and Access Management (IAM) with attributes and user context for access decisions?

Options:

A.

Enhances security by supporting authorizations based on the current context and status

B.

Reduces log analysis requirements

C.

Simplifies regulatory compliance by using a single sign-on mechanism

D.

These are required for proper implementation of RBAC

Buy Now
Questions 27

What is the primary objective of posture management in a cloud environment?

Options:

A.

Automating incident response procedures

B.

Optimizing cloud cost efficiency

C.

Continuous monitoring of configurations

D.

Managing user access permissions

Buy Now
Questions 28

In securing virtual machines (VMs), what is the primary role of using an “image factory" in VM deployment?

Options:

A.

To encrypt data within VMs for secure storage

B.

To facilitate direct manual intervention in VM deployments

C.

To enable rapid scaling of virtual machines on demand

D.

To ensure consistency, security, and efficiency in VM image creation

Buy Now
Questions 29

Which of the following best describes the primary purpose of cloud security frameworks?

Options:

A.

To implement detailed procedural instructions for security measures

B.

To organize control objectives for achieving desired security outcomes

C.

To ensure compliance with all regulatory requirements

D.

To provide tools for automated security management

Buy Now
Questions 30

What is an advantage of using Kubernetes for container orchestration?

Options:

A.

Limited deployment options

B.

Manual management of resources

C.

Automation of deployment and scaling

D.

Increased hardware dependency

Buy Now
Questions 31

What is a core tenant of risk management?

Options:

A.

The provider is accountable for all risk management.

B.

You can manage, transfer, accept, or avoid risks.

C.

The consumers are completely responsible for all risk.

D.

If there is still residual risk after assessments and controls are inplace, you must accept the risk.

E.

Risk insurance covers all financial losses, including loss ofcustomers.

Buy Now
Questions 32

Which activity is a critical part of the Post-Incident Analysis phase in cybersecurity incident response?

Options:

A.

Notifying affected parties

B.

Isolating affected systems

C.

Restoring services to normal operations

D.

Documenting lessons learned and improving future responses

Buy Now
Questions 33

What key activities are part of the preparation phase in incident response planning?

Options:

A.

Implementing encryption and access controls

B.

Establishing a response process, training, communication plans, and infrastructure evaluations

C.

Creating incident reports and post-incident reviews

D.

Developing malware analysis procedures and penetration testing

Buy Now
Questions 34

Which type of security tool is essential for enforcing controls in a cloud environment to protect endpoints?

Options:

A.

Unified Threat Management (UTM).

B.

Web Application Firewall (WAF).

C.

Endpoint Detection and Response (EDR).

D.

Intrusion Detection System (IDS).

Buy Now
Questions 35

What is true of searching data across cloud environments?

Options:

A.

You might not have the ability or administrative rights to search or access all hosted data.

B.

The cloud provider must conduct the search with the full administrative controls.

C.

All cloud-hosted email accounts are easily searchable.

D.

Search and discovery time is always factored into a contract between the consumer and provider.

E.

You can easily search across your environment using any E-Discovery tool.

Buy Now
Questions 36

Which of the following best describes an aspect of PaaS services in relation to network security controls within a cloud environment?

Options:

A.

They override the VNet/VPC's network security controls by default

B.

They do not interact with the VNet/VPC’s network security controls

C.

They require manual configuration of network security controls, separate from the VNet/VPC

D.

They often inherit the network security controls of the underlying VNet/VPC

Buy Now
Questions 37

Which of the following BEST describes a benefit of Infrastructure as Code (IaC) in cybersecurity contexts?

Options:

A.

Reduces the need for security auditing

B.

Enables consistent security configurations through automation

C.

Increases manual control over security settings

D.

Increases scalability of cloud resources

Buy Now
Questions 38

According to NIST, what is cloud computing defined as?

Options:

A.

A shared set of resources delivered over the Internet

B.

A model for more-efficient use of network-based resources

C.

A model for on-demand network access to a shared pool of configurable resources

D.

Services that are delivered over the Internet to customers

Buy Now
Questions 39

When designing a cloud-native application that requires scalable and durable data storage, which storage option should be primarily considered?

Options:

A.

Network Attached Storage (NAS)

B.

Block storage

C.

File storage

D.

Object storage

Buy Now
Questions 40

Which concept is a mapping of an identity, including roles, personas, and attributes, to an authorization?

Options:

A.

Access control

B.

Federated Identity Management

C.

Authoritative source

D.

Entitlement

E.

Authentication

Buy Now
Questions 41

Which feature in cloud enhances security by isolating deployments similar to deploying in distinct data centers?

Options:

A.

A single deployment for all applications

B.

Shared deployments for similar applications

C.

Randomized deployment configurations

D.

Multiple independent deployments for applications

Buy Now
Questions 42

What is a key benefit of using customer-managed encryption keys with cloud key management service (KMS)?

Options:

A.

Customers can bypass the need for encryption

B.

Customers retain control over their encryption keys

C.

Customers can share their encryption keys more easily

D.

It reduces the computational load on the cloud service provider

Buy Now
Questions 43

Dynamic Application Security Testing (DAST) might be limited or require pre-testing permission from the provider.

Options:

A.

False

B.

True

Buy Now
Questions 44

What is true of a workload?

Options:

A.

It is a unit of processing that consumes memory

B.

It does not require a hardware stack

C.

It is always a virtual machine

D.

It is configured for specific, established tasks

E.

It must be containerized

Buy Now
Questions 45

Sending data to a provider’s storage over an API is likely as much more reliable and secure than setting up your own SFTP server on a VM in the same provider

Options:

A.

False

B.

True

Buy Now
Questions 46

Which practice minimizes human error in long-running cloud workloads’ security management?

Options:

A.

Increasing manual security audits frequency

B.

Converting all workloads to ephemeral

C.

Restricting access to workload configurations

D.

Implementing automated security and compliance checks

Buy Now
Questions 47

In the shared security model, how does the allocation of responsibility vary by service?

Options:

A.

Shared responsibilities should be consistent across all services.

B.

Based on the per-service SLAs for security.

C.

Responsibilities are the same across IaaS, PaaS, and SaaS in the shared model.

D.

Responsibilities are divided between the cloud provider and the customer based on the service type.

Buy Now
Questions 48

Why is a service type of network typically isolated on different hardware?

Options:

A.

It requires distinct access controls

B.

It manages resource pools for cloud consumers

C.

It has distinct functions from other networks

D.

It manages the traffic between other networks

E.

It requires unique security

Buy Now
Questions 49

Your SLA with your cloud provider ensures continuity for all services.

Options:

A.

False

B.

True

Buy Now
Questions 50

A company plans to shift its data processing tasks to the cloud. Which type of cloud workload best describes the use of software emulations of physical computers?

Options:

A.

Platform as a Service (PaaS)

B.

Serverless Functions (FaaS)

C.

Containers

D.

Virtual Machines (VMs)

Buy Now
Questions 51

What is the purpose of the "Principle of Least Privilege" in Identity and Access Management (IAM)?

Options:

A.

To minimize the risk of unauthorized access by assigning access rights based on role requirements

B.

To streamline access across diverse systems or organizations

C.

To continuously monitor user activity for suspicious behavior

D.

To implement multiple layers of security checks for access control

Buy Now
Questions 52

When comparing different Cloud Service Providers (CSPs), what should a cybersecurity professional be mindful of regarding their organizational structures?

Options:

A.

All CSPs use the same organizational structure and terminology

B.

Different CSPs may have similar structures but use varying terminology

C.

CSPs have vastly different organizational structures and identical terminology

D.

Terminology difference in CSPs does not affect cybersecurity practices.

Buy Now
Questions 53

When mapping functions to lifecycle phases, which functions are required to successfully process data?

Options:

A.

Create, Store, Use, and Share

B.

Create and Store

C.

Create and Use

D.

Create, Store, and Use

E.

Create, Use, Store, and Delete

Buy Now
Questions 54

How does cloud sprawl complicate security monitoring in an enterprise environment?

Options:

A.

Cloud sprawl disperses assets, making it harder to monitor assets.

B.

Cloud sprawl centralizes assets, simplifying security monitoring.

C.

Cloud sprawl reduces the number of assets, easing security efforts.

D.

Cloud sprawl has no impact on security monitoring.

Buy Now
Questions 55

Which resilience tool helps distribute network or application traffic across multiple servers to ensure reliability and availability?

Options:

A.

Redundancy

B.

Auto-scaling

C.

Load balancing

D.

Failover

Buy Now
Questions 56

What is a potential concern of using Security-as-a-Service (SecaaS)?

Options:

A.

Lack of visibility

B.

Deployment flexibility

C.

Scaling and costs

D.

Intelligence sharing

E.

Insulation of clients

Buy Now
Questions 57

Which of the following statements are NOT requirements of governance and enterprise risk management in a cloud environment?

Options:

A.

Inspect and account for risks inherited from other members of the cloud supply chain and take active measures to mitigate and contain risks through operational resiliency.

B.

Respect the interdependency of the risks inherent in the cloud supply chain and communicate the corporate risk posture and readiness to consumers and dependent parties.

C.

Negotiate long-term contracts with companies who use well-vetted software application to avoid the transient nature of the cloud environment.

D.

Provide transparency to stakeholders and shareholders demonstrating fiscal solvency and organizational transparency.

E.

Both B and C.

Buy Now
Questions 58

Why is it important to control traffic flows between networks in a cybersecurity context?

Options:

A.

To increase the speed of data transmission

B.

To reduce the blast radius of attacks

C.

To simplify network architecture

D.

To reduce the amount of data stored

Buy Now
Questions 59

What is the main purpose of multi-region resiliency in cloud environments?

Options:

A.

To increase the number of users in each region

B.

To ensure compliance with regional and international data laws

C.

To reduce the cost of deployments and increase efficiency

D.

To improve fault tolerance through deployments across multiple regions

Buy Now
Questions 60

What is a primary benefit of implementing micro-segmentation within a Zero Trust Architecture?

Options:

A.

Simplifies network design and maintenance

B.

Enhances security by isolating workloads from each other

C.

Increases the overall performance of network traffic

D.

Reduces the need for encryption across the network

Buy Now
Questions 61

Which factors primarily drive organizations to adopt cloud computing solutions?

Options:

A.

Scalability and redundancy

B.

Improved software development methodologies

C.

Enhanced security and compliance

D.

Cost efficiency and speed to market

Buy Now
Questions 62

Containers are highly portable code execution environments.

Options:

A.

False

B.

True

Buy Now
Questions 63

In the context of incident response, which phase involves alerts validation to reduce false positives and estimates the incident's scope?

Options:

A.

Preparation

B.

Post-Incident Analysis

C.

Detection & Analysis

D.

Containment, Eradication, & Recovery

Buy Now
Questions 64

In federated identity management, what role does the identity provider (IdP) play in relation to the relying party?

Options:

A.

The IdP relies on the relying party to authenticate and authorize users.

B.

The relying party makes assertions to the IdP about user authorizations.

C.

The IdP and relying party have no direct trust relationship.

D.

The IdP makes assertions to the relying party after building a trust relationship.

Buy Now
Questions 65

Which aspect is crucial for crafting and enforcing CSP (Cloud Service Provider) policies?

Options:

A.

Integration with network infrastructure

B.

Adherence to software development practices

C.

Optimization for cost reduction

D.

Alignment with security objectives and regulatory requirements

Buy Now
Questions 66

Which of the following enhances Platform as a Service (PaaS) security by regulating traffic into PaaS components?

Options:

A.

Intrusion Detection Systems

B.

Hardware Security Modules

C.

Network Access Control Lists

D.

API Gateways

Buy Now
Questions 67

How does serverless computing impact infrastructure management responsibility?

Options:

A.

Requires extensive on-premises infrastructure

B.

Shifts more responsibility to cloud service providers

C.

Increases workload for developers

D.

Eliminates need for cloud service providers

Buy Now
Questions 68

What is a primary benefit of using Identity and Access Management (IAM) roles/identities provided by cloud providers instead of static secrets?

Options:

A.

They lower storage costs

B.

They reduce the risk of credential leakage

C.

They facilitate data encryption

D.

They improve system performance

Buy Now
Questions 69

An organization deploys an AI application for fraud detection. Which threat is MOST likely to affect its AI model’s accuracy?

Options:

A.

Adversarial attacks

B.

DDoS attacks

C.

Third-party services

D.

Jailbreak attack

Buy Now
Questions 70

How should an SDLC be modified to address application security in a Cloud Computing environment?

Options:

A.

Integrated development environments

B.

Updated threat and trust models

C.

No modification is needed

D.

Just-in-time compilers

E.

Both B and C

Buy Now
Questions 71

If the management plane has been breached, you should confirm the templates/configurations for your infrastructure or applications have not also been compromised.

Options:

A.

False

B.

True

Buy Now
Questions 72

Which of the following best describes the primary benefit of utilizing cloud telemetry sources in cybersecurity?

Options:

A.

They reduce the cost of cloud services.

B.

They provide visibility into cloud environments.

C.

They enhance physical security.

D.

They encrypt cloud data at rest.

Buy Now
Questions 73

Which Identity and Access Management (IAM) principle focuses on implementing multiple security layers to dilute access power, thereby averting a misuse or compromise?

Options:

A.

Continuous Monitoring

B.

Federation

C.

Segregation of Duties

D.

Principle of Least Privilege

Buy Now
Questions 74

How does centralized logging simplify security monitoring and compliance?

Options:

A.

It consolidates logs into a single location.

B.

It decreases the amount of data that needs to be reviewed.

C.

It encrypts all logs to prevent unauthorized access.

D.

It automatically resolves all detected security threats.

Buy Now
Questions 75

Which of the following best describes a primary risk associated with the use of cloud storage services?

Options:

A.

Increased cost due to redundant data storage practices

B.

Unauthorized access due to misconfigured security settings

C.

Inherent encryption failures within all cloud storage solutions

D.

Complete data loss due to storage media degradation

Buy Now
Questions 76

What are the essential characteristics of cloud computing as defined by the NIST model?

Options:

A.

Resource sharing, automated recovery, universal connectivity, distributed costs, fair pricing

B.

High availability, geographical distribution, scaled tenancy, continuous resourcing, market pricing

C.

On-demand self-service, broad network access, resource pooling, rapid elasticity, measured service

D.

Equal access to dedicated hosting, isolated networks, scalability resources, and automated continuous provisioning

Buy Now
Questions 77

What is the primary function of Privileged Identity Management (PIM) and Privileged Access Management (PAM)?

Options:

A.

Encrypt data transmitted over the network

B.

Manage the risk of elevated permissions

C.

Monitor network traffic and detect intrusions

D.

Ensure system uptime and reliability

Buy Now
Questions 78

Which of the following best describes the shared responsibility model in cloud security?

Options:

A.

Cloud providers handle physical infrastructure security while customers handle workload security.

B.

Cloud providers handle both infrastructure and workload security.

C.

Neither cloud providers nor customers are responsible for security.

D.

Customers handle both infrastructure and workload security.

Buy Now
Questions 79

In which deployment model should the governance strategy consider the minimum common set of controls comprised of the Cloud Service Provider contract and the organization's internal governance agreements?

Options:

A.

Public

B.

PaaS

C.

Private

D.

IaaS

E.

Hybrid

Buy Now
Questions 80

Which two key capabilities are required for technology to be considered cloud computing?

Options:

A.

Abstraction and orchestration

B.

Abstraction and resource pooling

C.

Multi-tenancy and isolation

D.

Virtualization and multi-tenancy

Buy Now
Questions 81

What method can be utilized along with data fragmentation to enhance security?

Options:

A.

Encryption

B.

Organization

C.

Knowledge management

D.

IDS

E.

Insulation

Buy Now
Questions 82

Which of the following is a common security issue associated with serverless computing environments?

Options:

A.

High operational costs

B.

Misconfigurations

C.

Limited scalability

D.

Complex deployment pipelines

Buy Now
Questions 83

Which Cloud Service Provider (CSP) security measure is primarily used to filter and monitor HTTP requests to protect against SQL injection and XSS attacks?

Options:

A.

CSP firewall

B.

Virtual Appliance

C.

Web Application Firewall

D.

Intrusion Detection System

Buy Now
Questions 84

Select the best definition of “compliance” from the options below.

Options:

A.

The development of a routine that covers all necessary security measures.

B.

The diligent habits of good security practices and recording of the same.

C.

The timely and efficient filing of security reports.

D.

The awareness and adherence to obligations, including the assessment and prioritization of corrective actions deemed necessary and appropriate.

E.

The process of completing all forms and paperwork necessary to develop a defensible paper trail.

Buy Now
Questions 85

Which statement best describes why it is important to know how data is being accessed?

Options:

A.

The devices used to access data have different storage formats.

B.

The devices used to access data use a variety of operating systems and may have different programs installed on them.

C.

The device may affect data dispersion.

D.

The devices used to access data use a variety of applications or clients and may have different security characteristics.

E.

The devices used to access data may have different ownership characteristics.

Buy Now
Questions 86

What process involves an independent examination of records, operations, processes, and controls within an organization to ensure compliance with cybersecurity policies, standards, and regulations?

Options:

A.

Risk assessment

B.

Audit

C.

Penetration testing

D.

Incident response

Buy Now
Questions 87

What factors should you understand about the data specifically due to legal, regulatory, and jurisdictional factors?

Options:

A.

The physical location of the data and how it is accessed

B.

The fragmentation and encryption algorithms employed

C.

The language of the data and how it affects the user

D.

The implications of storing complex information on simple storage systems

E.

The actual size of the data and the storage format

Buy Now
Questions 88

All assets require the same continuity in the cloud.

Options:

A.

False

B.

True

Buy Now
Questions 89

In a containerized environment, what is fundamental to ensuring runtime protection for deployed containers?

Options:

A.

Implementing real-time visibility

B.

Deploying container-specific antivirus scanning

C.

Using static code analysis tools in the pipeline

D.

Full packet network monitoring

Buy Now
Questions 90

CCM: In the CCM tool, ais a measure that modifies risk and includes any process, policy, device, practice or any other actions which modify risk.

Options:

A.

Risk Impact

B.

Domain

C.

Control Specification

Buy Now
Questions 91

Which type of application security testing tests running applications and includes tests such as web vulnerability testing and fuzzing?

Options:

A.

Code Review

B.

Static Application Security Testing (SAST)

C.

Unit Testing

D.

Functional Testing

E.

Dynamic Application Security Testing (DAST)

Buy Now
Questions 92

What of the following is NOT an essential characteristic of cloud computing?

Options:

A.

Broad Network Access

B.

Measured Service

C.

Third Party Service

D.

Rapid Elasticity

E.

Resource Pooling

Buy Now
Questions 93

What is the primary role of Identity and Access Management (IAM)?

Options:

A.

To encrypt data at rest and in transit

B.

Ensure only authorized entities access resources

C.

To monitor and log all user activities and traffic

D.

Ensure all users have the same level of access

Buy Now
Questions 94

Which of the following statements is true in regards to Data Loss Prevention (DLP)?

Options:

A.

DLP can provide options for quickly deleting all of the data stored in a cloud environment.

B.

DLP can classify all data in a storage repository.

C.

DLP never provides options for how data found in violation of a policy can be handled.

D.

DLP can provide options for where data is stored.

E.

DLP can provide options for how data found in violation of a policy can be handled.

Buy Now
Questions 95

How can the use of third-party libraries introduce supply chain risks in software development?

Options:

A.

They are usually open source and do not require vetting

B.

They might contain vulnerabilities that can be exploited

C.

They fail to integrate properly with existing continuous integration pipelines

D.

They might increase the overall complexity of the codebase

Buy Now
Questions 96

Which of the following is NOT normally a method for detecting and preventing data migration into the cloud?

Options:

A.

Intrusion Prevention System

B.

URL filters

C.

Data Loss Prevention

D.

Cloud Access and Security Brokers (CASB)

E.

Database Activity Monitoring

Buy Now
Questions 97

Why is consulting with stakeholders important for ensuring cloud security strategy alignment?

Options:

A.

IT simplifies the cloud platform selection process

B.

It reduces the overall cost of cloud services.

C.

It ensures that the strategy meets diverse business requirements.

D.

It ensures compliance with technical standards only.

Buy Now
Exam Code: CCSK
Exam Name: Certificate of Cloud Security Knowledge v5 (CCSKv5.0)
Last Update: Oct 17, 2025
Questions: 326
CCSK pdf

CCSK PDF

$29.75  $84.99
CCSK Engine

CCSK Testing Engine

$35  $99.99
CCSK PDF + Engine

CCSK PDF + Testing Engine

$47.25  $134.99