Sample CCSK questions

These sample questions are taken from the CSA website.
They are open questions, whereas the exam has multiple choice questions.
However, they are representative of the depth of knowledge that you should have.

Answers to the questions

As you read through and study the body of knowledge, you will find out that you will be able to answer these questions.

Domain 1. Cloud Architecture
Sample question: What are the five essential characteristics of cloud computing?

Domain 2. Governance and Enterprise Risk
Sample question: The level of attention and scrutiny paid to enterprise risk assessments should be directly related to what?

Domain 3. Legal and Electronic Discovery
Sample question: In the majority of data protection laws, when the data is transferred to a third party custodian, who is ultimately responsible for the security of the data?

Domain 4. Compliance and Audit
Sample question: What is the most important reason for knowing where the cloud service provider will host the data?

Domain 5. Information Management and Data Security
Sample question: What are the six phases of the data security lifecycle?

Domain 6. Portability and Interoperability
Sample question: Why is the size of data sets a consideration in portability between cloud service providers?

Domain 7. Traditional Security, BCM, D/R
Sample question: What are the four D's of perimeter security?

Domain 8. Data Center Operations
Sample question: In which type of environment is it impractical to allow the customer to conduct their own audit, making it important that the data center operators are required to provide auditing for the customers?

Domain 9. Incident Response
Sample question: What measures could be taken by the cloud service provider (CSP) that might reduce the occurrence of application level incidents?

Domain 10. Application Security
Sample question: How should an SDLC be modified to address application security in a Cloud Computing environment?

Domain 11. Encryption and Key Management
Sample question: What is the most significant reason that customers are advised to maintain in-house key management?

Domain 12. Identity and Access Management
Sample question: What two types of information will cause additional regulatory issues for all organizations if held as an aspect of an Identity?

Domain 13. Virtualization
Sample question: Why do blind spots occur in a virtualized environment, where network-based security controls may not be able to monitor certain types of traffic?

Domain 14. Security as a Service
Sample question: When deploying Security as a Service in a highly regulated industry or environment, what should both parties agree on in advance and include in the SLA?

ENISA Document
Sample question: Economic Denial of Service (EDOS) refers to...
