CCSK_1.docx | bartleby

Question 1 A cloud deployment of two or more unique clouds is known as:  A. Infrastructures as a Service  B. A Private Cloud  C. A Community Cloud  D. A Hybrid Cloud  E. Jericho Cloud Cube Model Answer : C Question 2 ENISA: Which is not one of the five key legal issues common across all scenarios:  A. Data protection  B. Professional negligence  C. Globalization  D. Intellectual property  E. Outsourcing services and changes in control Answer : C Question 3: ENISA: An example high risk role for malicious insiders within a Cloud Provider includes  A. Sales  B. Marketing  C. Legal counsel  D. Auditors  E. Accounting Answer : D Question 4: What is true of a workload?  A. It is a unit of processing that consumes memory  B. It does not require a hardware stack  C. It is always a virtual machine  D. It is configured for specific, established tasks  E. It must be containerized Answer : A

Question 5: ENISA: Which is a potential security benefit of cloud computing?  A. More efficient and timely system updates  B. ISO 27001 certification  C. Provider can obfuscate system O/S and versions  D. Greater compatibility with customer IT infrastructure  E. Lock-In Answer : A Question 6: The Software Defined Perimeter (SDP) includes which components?  A. Client, Controller, and Gateway  B. Client, Controller, Firewall, and Gateway  C. Client, Firewall, and Gateway  D. Controller, Firewall, and Gateway  E. Client, Controller, and Firewall Answer : A Question 7: Which cloud security model type provides generalized templates for helping implement cloud security?  A. Conceptual models or frameworks  B. Design patterns  C. Controls models or frameworks  D. Reference architectures  E. Cloud Controls Matrix (CCM) Answer : D Question 8: Select the statement below which best describes the relationship between identities and attributes  A. Attributes belong to entities and identities belong to attributes. Each attribute can have multiple identities but only one entity.  B. An attribute is a unique object within a database. Each attribute it has a number of identities which help define its parameters.

 C. An identity is a distinct and unique object within a particular namespace. Attributes are properties which belong to an identity. Each identity can have multiple attributes.  D. Attributes are made unique by their identities.  E. Identities are the network names given to servers. Attributes are the characteristics of each server. Answer : D Question 9: What is a potential concern of using Security-as-a-Service (SecaaS)?  A. Lack of visibility  B. Deployment flexibility  C. Scaling and costs  D. Intelligence sharing  E. Insulation of clients Answer : A Question 10: How should an SDLC be modified to address application security in a Cloud Computing environment?  A. Integrated development environments  B. Updated threat and trust models  C. No modification is needed  D. Just-in-time compilers  E. Both B and C Answer : A Question 11: Which governance domain focuses on proper and adequate incident detection, response, notification, and remediation?  A. Data Security and Encryption  B. Information Governance  C. Incident Response, Notification and Remediation  D. Compliance and Audit Management  E. Infrastructure Security Answer : C Question 12:

Which opportunity helps reduce common application security issues?  A. Elastic infrastructure  B. Default deny  C. Decreased use of micro-services  D. Segregation by default  E. Fewer serverless configurations Answer : A Question 13: What is the most significant security difference between traditional infrastructure and cloud computing?  A. Management plane  B. Intrusion detection options  C. Secondary authentication factors  D. Network access points  E. Mobile security configuration options Answer : A Question 14: A security failure at the root network of a cloud provider will not compromise the security of all customers because of multitenancy configuration.  A. False  B. True Answer : A Question 15: All cloud services utilize virtualization technologies.  A. False  B. True Answer : B Question 16: If there are gaps in network logging data, what can you do?  A. Nothing. There are simply limitations around the data that can be logged in the cloud.  B. Ask the cloud provider to open more ports.

 C. You can instrument the technology stack with your own logging.  D. Ask the cloud provider to close more ports.  E. Nothing. The cloud provider must make the information available. Answer : C Question 17: CCM: In the CCM tool, a _____________________ is a measure that modifies risk and includes any process, policy, device, practice or any other actions which modify risk.  A. Risk Impact  B. Domain  C. Control Specification Answer : C Question 18: Who is responsible for the security of the physical infrastructure and virtualization platform?  A. The cloud consumer  B. The majority is covered by the consumer  C. It depends on the agreement  D. The responsibility is split equally  E. The cloud provider Answer : E Question 19: What factors should you understand about the data specifically due to legal, regulatory, and jurisdictional factors?  A. The physical location of the data and how it is accessed  B. The fragmentation and encryption algorithms employed  C. The language of the data and how it affects the user  D. The implications of storing complex information on simple storage systems  E. The actual size of the data and the storage format Answer : D Question 20

Which cloud-based service model enables companies to provide client-based access for partners to databases or applications?  A. Platform-as-a-service (PaaS)  B. Desktop-as-a-service (DaaS)  C. Infrastructure-as-a-service (IaaS)  D. Identity-as-a-service (IDaaS)  E. Software-as-a-service (SaaS) Answer : A Question 21: CCM: The following list of controls belong to which domain of the CCM? GRM 06 `" Policy GRM 07 `" Policy Enforcement GRM 08 `" Policy Impact on Risk Assessments GRM 09 `" Policy Reviews GRM 10 `" Risk Assessments GRM 11 `" Risk Management Framework  A. Governance and Retention Management  B. Governance and Risk Management  C. Governing and Risk Metrics Answer : B Question: Which attack surfaces, if any, does virtualization technology introduce?  A. The hypervisor  B. Virtualization management components apart from the hypervisor  C. Configuration and VM sprawl issues  D. All of the above Answer : D Question: APIs and web services require extensive hardening and must assume attacks from authenticated and unauthenticated adversaries.  A. False  B. True Answer : B

Your preview ends here

Eager to read complete document? Join bartleby learn and gain access to the full version

Access to all documents
Unlimited textbook solutions
24/7 expert homework help