CSA Certificate of Cloud Security Knowledge certification questions and exam summary helps you to get focused on the exam. This guide also helps you to be on CCSK exam track to get certified with good score in the final exam.
Cloud Security Alliance (CCSK) Certification Summary
● Exam Name: CSA Certificate of Cloud Security Knowledge (CCSK Foundation)
● Exam Code: CCSK
● Exam Price: $395 USD
● Duration: 90 minutes
● Number of Questions: 60
● Passing Score: 80%
● Recommended Training / Books: CCSK Course
Cloud Security Alliance (CCSK) CCSK Foundation Certification Exam Syllabus
Cloud Computing Concepts and Architectures
- Definitions of Cloud Computing
Service Models
Deployment Models
Reference and Architecture Models
Logical Model
- Cloud Security Scope, Responsibilities, and Models
- Areas of Critical Focus in Cloud Security
Governance and Enterprise Risk Management
- Tools of Cloud Governance
- Enterprise Risk Management in the Cloud
- Effects of various Service and Deployment Models
- Cloud Risk Trade-offs and Tools
Legal Issues, Contracts and Electronic Discovery
- Legal Frameworks Governing Data Protection and Privacy
Cross-Border Data Transfer
Regional Considerations
- Contracts and Provider Selection
Contracts
Due Diligence
Third-Party Audits and Attestations
- Electronic Discovery
Data Custody
Data Preservation
Data Collection
Response to a Subpoena or Search Warrant
Compliance and Audit Management
- Compliance in the Cloud
Compliance impact on cloud contracts
Compliance scope
Compliance analysis requirements
- Audit Management in the Cloud
Right to audit
Audit scope
Auditor requirements
Information Governance
- Governance Domains
- Six phases of the Data Security Lifecycle and their key elements
- Data Security Functions, Actors and Controls
Management Plane and Business Continuity
- Business Continuity and Disaster Recovery in the Cloud
- Architect for Failure
- Management Plane Security
Infrastructure Security
- Cloud Network Virtualization
- Security Changes With Cloud Networking
- Challenges of Virtual Appliances
- SDN Security Benefits
- Micro-segmentation and the Software Defined Perimeter
- Hybrid Cloud Considerations
- Cloud Compute and Workload Security
Virtualization and Containers
- Mayor Virtualizations Categories
- Network
- Storage
- Containers
Incident Response
- Incident Response Lifecycle
- How the Cloud Impacts IR
Application Security
- Opportunities and Challenges
- Secure Software Development Lifecycle
- How Cloud Impacts Application Design and Architectures
- The Rise and Role of DevOps
Data Security and Encryption
- Data Security Controls
- Cloud Data Storage Types
- Managing Data Migrations to the Cloud
- Securing Data in the Cloud
Identity, Entitlement, and Access Management
- IAM Standards for Cloud Computing
- Managing Users and Identities
- Authentication and Credentials
- Entitlement and Access Management
Security as a Service
- Potential Benefits and Concerns of SecaaS
- Major Categories of Security as a Service Offerings
Related Technologies
- Big Data
- Internet of Things
- Mobile
- Serverless Computing
Cloud Security Alliance CCSK Foundation (CCSK) Certification Questions
01. When you’re considering security agents for cloud instances, what should be a primary concern?
a) The vendor has won awards.
b) The vendor uses heuristic-based detection as opposed to signature-based detection.
c) The vendor selected for cloud server instances is the same vendor you use for internal instances.
d) The vendor agent does not use IP addresses to identify systems.
02. Orchestration enables a controller to request resources from a pool of resources. How is this done?
a) Ticketing system prioritizes clients based on support level
b) Through the use of REST APIs
c) Through the use of RPC
d) Via network calls
03. Better segregation of the management plane can be performed by doing which of the following?
a) Run all applications in a PaaS.
b) Run applications in their own cloud account.
c) Leverage DevOps.
d) Use immutable workloads.
04. Why must the provider encrypt hard drives at the physical layer?
a) It prevents data from being compromised as a result of theft.
b) It prevents data from being accessed by others via the virtual layer.
c) It prevents data from being compromised after the drive is replaced.
d) Answers It prevents data from being compromised as a result of theft. and It prevents data from being compromised after the drive is replaced. are correct.
05. Which of the following can be used to determine whether or not information should be held in a cloud?
a) Privacy policy
b) Information classification
c) Data security lifecycle
d) Acceptable use policy
06. How do audits work with compliance?
a) Audits are the technical means to assess systems.
b) Audits are the processes and procedures used to assess systems.
c) Audits are a key tool for proving or disproving compliance.
d) Audits are required for proper governance of cloud systems.
07. What does “authentication” mean in a trial?
a) Evidence is considered genuine.
b) This is the stage at which a judge is assigned and known to both parties.
c) A witness is approved as an expert and their testimony will be considered.
d) Both parties involved in a lawsuit are declared.
08. Alice wants to update, but not replace, a file via a REST API. What method should Alice use?
a) GET
b) POST
c) PATCH
d) PUT
09. Upon investigation of a potential incident, what should be performed first?
a) The master account credentials should be retrieved and used to perform an investigation of the metastructure to ensure that the attacker is no longer in the management plane.
b) Every account should be logged off and their passwords reset.
c) Every server should be terminated.
d) Snapshots of every instance should be performed using APIs.
10. Chris is looking to procure a new CRM SaaS solution for his organization’s business unit. What is the first step Chris should take as part of performing a risk assessment of a potential vendor?
a) Determine monthly costs.
b) Ask reference clients about their satisfaction with the product.
c) Determine the level of sensitivity of data that will be stored in the application.
d) Obtain and review supplier documentation.
Answers:
Question: 01: Answer: d
Question: 02: Answer: b
Question: 03: Answer: b
Question: 04: Answer: d
Question: 05: Answer: b
Question: 06: Answer: c
Question: 07: Answer: a
Question: 08: Answer: c
Question: 09: Answer: a
Question: 10: Answer: d
How to Register for CCSK Foundation Certification Exam?
● Visit site for Register CCSK Foundation Certification Exam.
Comments