Sample CCSK questions

These sample questions are taken from the CSA.
They are open questions, whereas the exam has multiple-choice questions.
However, they are representative of the depth of knowledge that you should have.

Answers to the questions

As you read through and study the body of knowledge, you will find that you are able to answer these questions.

Domain 1. Cloud Architecture
Sample question: What are the five essential characteristics of cloud computing?

Domain 2. Governance and Enterprise Risk
Sample question: The level of attention and scrutiny paid to enterprise risk assessments should be directly related to what?

Domain 3. Legal and Electronic Discovery
Sample question: In the majority of data protection laws, when the data is transferred to a third party custodian, who is ultimately responsible for the security of the data?

Domain 4. Compliance and Audit
Sample question: What is the most important reason for knowing where the cloud service provider will host the data?

Domain 5. Information Management and Data Security
Sample question: What are the six phases of the data security lifecycle?

Domain 6. Portability and Interoperability
Sample question: Why is the size of data sets a consideration in portability between cloud service providers?

Domain 7. Traditional Security, BCM, D/R
Sample question: What are the four D's of perimeter security?

Domain 8. Data Center Operations
Sample question: In which type of environment is it impractical to allow the customer to conduct their own audit, making it important that the data center operators are required to provide auditing for the customers?

Domain 9. Incident Response
Sample question: What measures could be taken by the cloud service provider (CSP) that might reduce the occurrence of application level incidents?

Domain 10. Application Security
Sample question: How should an SDLC be modified to address application security in a Cloud Computing environment?

Domain 11. Encryption and Key Management
Sample question: What is the most significant reason that customers are advised to maintain in-house key management?

Domain 12. Identity and Access Management
Sample question: What two types of information will cause additional regulatory issues for all organizations if held as an aspect of an Identity?

Domain 13. Virtualization
Sample question: Why do blind spots occur in a virtualized environment, where network-based security controls may not be able to monitor certain types of traffic?

Domain 14. Security as a Service
Sample question: When deploying Security as a Service in a highly regulated industry or environment, what should both parties agree on in advance and include in the SLA?

ENISA Document
Sample question: Economic Denial of Service (EDOS) refers to ...
