CSA-CCSK

What is a challenge of application security in a cloud environment?

If there are gaps in network logging data, what can you do?

Cloud services exhibit five essential characteristics that demonstrate their relation to, and differences from, traditional computing approaches. Which one of the five characteristics is described as: a consumer can unilaterally provision computing capabilities such as server time and network storage as needed?

Virtual appliances can become bottlenecks because they cannot fail open and must intercept all traffic.

In the cloud provider and consumer relationship, which entity manages the virtual or abstracted infrastructure?

In the case of Infrastructure as a Service (IaaS) or Platform as a Service (PaaS) the responsibility to effectively manage the security of the application running in the cloud primarily belongs to who?

At a minimum, how often should incident response testing occur?

Why is a service type of network typically isolated on different hardware?

CCM: A hypothetical company called "Security4Sure" provides a cloud based service to share confidential documents. The confidential documents are stored in their servers and are encrypted. How will Security4Sure ensure the protection of client data within their data center?

ENISA: Which of the following is among the vulnerabilities contributing to a high risk ranking for Network Management?

What is true of how the management plane is to be secured in the cloud?

Which action is part of the containment phase of the incident response lifecycle?

An important consideration when performing a remote vulnerability test of a cloud-based application is to

What is the most important reason for knowing where the cloud service provider will host the data?

Which components typically comprise Infrastructure-as-a-Service (IaaS) providers?

What method can be utilized along with data fragmentation to enhance security?

Which of the following statements best defines the "authorization" as a component of identity, entitlement, and access management?

Select the best definition of `compliance` from the options below.

Who is responsible for the security of the physical infrastructure and virtualization platform?

CCM: In the CCM tool, `Encryption and Key Management` is an example of which of the following?

In volume storage, what method is often used to support resiliency and security?

What is true of security as it relates to cloud network infrastructure?

How can virtual machine communications bypass network security controls?

ENISA: `VM hopping` is:

Which concept is a mapping of an identity, including roles, personas, and attributes, to an authorization?

Which concept provides the abstraction needed for resource pools?

Network logs from cloud providers are typically flow records, not full packet captures.

Database Activity Monitoring and File Activity Monitoring are specifically recommended for what type of data migrations into the cloud?

Which of the following statements are NOT requirements of governance and enterprise risk management in a cloud environment?

Which security advantage considers that anything that goes into production is created by the CI/CD pipeline on approved code and configuration templates?