CCSK(v4.0)-Certificate of Cloud Security Knowledge Tests (1 of 5) Anurag R Flashcards
Which of the following cloud security model can act as a template for implementing cloud security, typically generalized? A.Reference Architecture B.Controls models or frameworks C.Conceptual models or frameworks D.Design Patterns
A.Reference Architecture
Explanation:
Reference architectures are templates for implementing cloud security. These are generalized, abstract, may be detailed or may not be, and covers specific controls. Refer page 22 of the standard guide to understand this in detail.
True or False: The Subpoena is a case when a cloud service provider receive, from a third party, a request to provide information; in which access to the client data is demanded. This statement is:
A.True
B.False
A.True
Explanation:
Refer section 3.1.3.11 - Response to a Subpoena or Search Warrant, page 52 to understand this.
Which of the following restricts a list of possible actions down to allowed actions?
A.Functions
B.Actions
C.Controls
D.None
C.Controls
Explanation:
Refer section 5.1.2.2- Functions, Actors, and Controls, page 65 of the standard guide to learn.
Which of the following is not one of the five major facets of building and managing a secure management plane?
A.Perimeter Security B.Customer Authentication C.Internal Authentication and Credential Passing D.Functions, actions and permissions E.Internal Authentication
D.Functions, actions and permissions
Explanation:
Refer section 6.1.1.3- Management Plane Security When Building/Providing a Cloud Service, page 72 to understand this.
Cloud user should consistently implement least privilege accounts for metastructure access. This statement is:
A.True
B.False
A.True
Explanation:
Cloud user should consistently implement least privilege accounts for metastructure access. Refer page 73-76 of the standard guide to understand this.
It is the recommendation to integrate security testing into image creation. This statement is
A.True
B.False
A.True
Explanation:
Integrating security testing to container and VM images saves time and reduces manual effort. Refer section 7.5 - Recommendations, page 90 of the standard guide to understand this.