CSA-CCSK

You should disable remote access when working with immutable workloads.

Which security advantage considers that CI/CD pipelines can track everything, down to individual character changes in source files tied to the person submitting the change, with the entire application stack history?

REST APIs are the standard for web-based services because they run over HTTPS and work well across diverse environments.

The hub and spoke architecture uses internal identity providers or sources connected directly to cloud providers.

Who is responsible for the proper rights management and configuration of exposed controls in the management plane?

How can cloud providers support a secure use of virtualization for cloud consumers?

Which SDP component terminates network traffic and enforces communication policies?

ENISA: Which is a potential security benefit of cloud computing?

The Software Defined Perimeter (SDP) includes which components?

Which cloud security model type provides generalized templates for helping implement cloud security?

Select the statement below which best describes the relationship between identities and attributes

CCM: The following list of controls belong to which domain of the CCM? GRM 06 `" Policy GRM 07 `" Policy Enforcement GRM 08 `" Policy Impact on Risk Assessments GRM 09 `" Policy Reviews GRM 10 `" Risk Assessments GRM 11 `" Risk Management Framework

CCM: A hypothetical start-up company called "ABC" provides a cloud based IT management solution. They are growing rapidly and therefore need to put controls in place in order to manage any changes in their production environment. Which of the following Change Control & Configuration Management production environment specific control should they implement in this scenario?

Containers are highly portable code execution environments.

Which statement best describes the Data Security Lifecycle?

Which of the following encryption methods would be utilized when object storage is used as the back-end for an application?

In the Software-as-a-service relationship, who is responsible for the majority of the security?

Which attack surfaces, if any, does virtualization technology introduce?

What should every cloud customer set up with its cloud service provider (CSP) that can be utilized in the event of an incident?

Audits should be robustly designed to reflect best practice, appropriate resources, and tested protocols and standards. They should also use what type of auditors?

Which of the following statements is true in regards to Data Loss Prevention (DLP)?

CCM: The Architectural Relevance column in the CCM indicates the applicability of the cloud security control to which of the following elements?

A security failure at the root network of a cloud provider will not compromise the security of all customers because of multitenancy configuration.

When investigating an incident in an Infrastructure as a Service (IaaS) environment, what can the user investigate on their own?

If in certain litigations and investigations, the actual cloud application or environment itself is relevant to resolving the dispute in the litigation or investigation, how is the information likely to be obtained?

The containment phase of the incident response lifecycle requires taking systems offline.

What are the primary security responsibilities of the cloud provider in compute virtualizations?