Section 6: Certificate of Cloud Security Knowledge (CCSK) V4 (Anthony Sequeira) Flashcards

1
Q

Which of the following is not one of the “meta-phases” described by the Cloud Security Alliance?

A.Secure Operations
B.Secure DevOps
C.Secure Deployment
D.Secure Design and Development

A

B.Secure DevOps

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which of the following is not considered a major challenge when it comes to application security in a cloud environment?

A.Increase reliance on APIs
B.Reduced transparency
C.Increased Application Scope
D.Changing threat models

A

A.Increase reliance on APIs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is a major advantage regarding application security testing thanks to the growth of DevOps adoptions in cloud environments?

A.Testing in no longer required
B.Testing times can be reduced dramatically
C.Testing can be fully automated
D.Testing is able to target specific attacking groups

A

C.Testing can be fully automated

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which statement regarding penetration testing in public cloud environments is true?

A.Penetration testing is never permitted in such environments
B.Penetration testing typically requires permission from the cloud provider
C.Penetration is always permitted in the cloud
D.Penetration testing is performed by the cloud provider only

A

B.Penetration testing typically requires permission from the cloud provider

How well did you know this?
1
Not at all
2
3
4
5
Perfectly