CSA-CCSK

What must the monitoring scope cover in addition to the deployed assets?

Regardless of the technology platform, container security includes properly securing the image repository.

What is defined as the process by which an opposing party may obtain private documents for use in litigation?

ENISA: Which is not identified as a top security risk in ENISA research?

What item below allows disparate directory services and independent security domains to be interconnected?

CCM: In the CCM tool, a _____________________ is a measure that modifies risk and includes any process, policy, device, practice or any other actions which modify risk.

What is the newer application development methodology and philosophy focused on automation of application development and deployment?

Sending data to a provider's storage over an API is likely as much more reliable and secure than setting up your own SFTP server on a VM in the same provider

What is true of searching data across cloud environments?

How does running applications on distinct virtual networks and only connecting networks as needed help?

ENISA: As it relates to public cloud computing, in the European Data Protection law, the customer is considered to be the:

Immutable workloads make it faster to roll out updated versions because applications must be designed to handle individual nodes going down.

Which technique uses the management plane to detect various activities, such as file uploads or configuration changes?

Which phase of the incident response lifecycle includes creating and validating alerts?

ENISA: To mitigate credential compromise or theft, cloud provider can implement:

While the cloud consumer is responsible for implementing the security controls, the cloud provider implements the security of the workload.

Your cloud and on-premises infrastructures should always use the same network address ranges.

Which of the following items is one of the major regulatory compliance problems associated with cloud environments?

What are major factors to building and managing a secure management plane?

Cloud storage will most often utilize the same types of data storage used in traditional data storage technologies.

ENISA: Lock-in is ranked as a high risk in ENISA research, a key underlying vulnerability causing lock in is:

What is the best way to ensure that all data has been removed from a public cloud environment including all media such as back-up tapes?

ENISA: A reason for risk concerns of a cloud provider being acquired is:

Which cloud-based service model enables companies to provide client-based access for partners to databases or applications?

Which communication methods within a cloud environment must be exposed for partners or consumers to access database information using a web application?

When deploying Security as a Service in a highly regulated industry or environment, what should both parties agree on in advance and include in the SLA?

Which cloud storage technology is basically a virtual hard drive for instanced or VMs?

What factors should you understand about the data specifically due to legal, regulatory, and jurisdictional factors?

Which of the following items is NOT an example of Security as a Service (SecaaS)?

How is encryption managed on multi-tenant storage?