Natasha Sharma

What is Cloud Security Alliance CCSK Foundation Certification?



This summary of the CSA Certificate of Cloud Security Knowledge certification, with sample questions, helps you focus on the exam. The guide also helps you stay on track for the CCSK exam and get certified with a good score in the final exam.


Cloud Security Alliance (CCSK) Certification Summary


Exam Name: CSA Certificate of Cloud Security Knowledge (CCSK Foundation)

Exam Code: CCSK

Exam Price: $395 USD

Duration: 90 minutes

Number of Questions: 60

Passing Score: 80%

Recommended Training / Books: CCSK Course


Cloud Security Alliance (CCSK) CCSK Foundation Certification Exam Syllabus


Cloud Computing Concepts and Architectures


- Definitions of Cloud Computing

  - Service Models

  - Deployment Models

  - Reference and Architecture Models

  - Logical Model

- Cloud Security Scope, Responsibilities, and Models

- Areas of Critical Focus in Cloud Security


Governance and Enterprise Risk Management


- Tools of Cloud Governance

- Enterprise Risk Management in the Cloud

- Effects of various Service and Deployment Models

- Cloud Risk Trade-offs and Tools


Legal Issues, Contracts and Electronic Discovery


- Legal Frameworks Governing Data Protection and Privacy

  - Cross-Border Data Transfer

  - Regional Considerations

- Contracts and Provider Selection

  - Contracts

  - Due Diligence

  - Third-Party Audits and Attestations

- Electronic Discovery

  - Data Custody

  - Data Preservation

  - Data Collection

  - Response to a Subpoena or Search Warrant


Compliance and Audit Management


- Compliance in the Cloud

  - Compliance impact on cloud contracts

  - Compliance scope

  - Compliance analysis requirements

- Audit Management in the Cloud

  - Right to audit

  - Audit scope

  - Auditor requirements


Information Governance


- Governance Domains

- Six phases of the Data Security Lifecycle and their key elements

- Data Security Functions, Actors and Controls


Management Plane and Business Continuity


- Business Continuity and Disaster Recovery in the Cloud

- Architect for Failure

- Management Plane Security


Infrastructure Security


- Cloud Network Virtualization

- Security Changes With Cloud Networking

- Challenges of Virtual Appliances

- SDN Security Benefits

- Micro-segmentation and the Software Defined Perimeter

- Hybrid Cloud Considerations

- Cloud Compute and Workload Security


Virtualization and Containers


- Major Virtualization Categories

- Network

- Storage

- Containers


Incident Response


- Incident Response Lifecycle

- How the Cloud Impacts IR


Application Security


- Opportunities and Challenges

- Secure Software Development Lifecycle

- How Cloud Impacts Application Design and Architectures

- The Rise and Role of DevOps


Data Security and Encryption


- Data Security Controls

- Cloud Data Storage Types

- Managing Data Migrations to the Cloud

- Securing Data in the Cloud


Identity, Entitlement, and Access Management


- IAM Standards for Cloud Computing

- Managing Users and Identities

- Authentication and Credentials

- Entitlement and Access Management


Security as a Service


- Potential Benefits and Concerns of SecaaS

- Major Categories of Security as a Service Offerings


Related Technologies


- Big Data

- Internet of Things

- Mobile

- Serverless Computing


Cloud Security Alliance CCSK Foundation (CCSK) Certification Questions


01. When you’re considering security agents for cloud instances, what should be a primary concern?
a) The vendor has won awards.
b) The vendor uses heuristic-based detection as opposed to signature-based detection.
c) The vendor selected for cloud server instances is the same vendor you use for internal instances.
d) The vendor agent does not use IP addresses to identify systems.

02. Orchestration enables a controller to request resources from a pool of resources. How is this done?
a) Ticketing system prioritizes clients based on support level
b) Through the use of REST APIs
c) Through the use of RPC
d) Via network calls

03. Better segregation of the management plane can be performed by doing which of the following?
a) Run all applications in a PaaS.
b) Run applications in their own cloud account.
c) Leverage DevOps.
d) Use immutable workloads.

04. Why must the provider encrypt hard drives at the physical layer?
a) It prevents data from being compromised as a result of theft.
b) It prevents data from being accessed by others via the virtual layer.
c) It prevents data from being compromised after the drive is replaced.
d) Both "It prevents data from being compromised as a result of theft." and "It prevents data from being compromised after the drive is replaced." are correct.

05. Which of the following can be used to determine whether or not information should be held in a cloud?
a) Privacy policy
b) Information classification
c) Data security lifecycle
d) Acceptable use policy

06. How do audits work with compliance?
a) Audits are the technical means to assess systems.
b) Audits are the processes and procedures used to assess systems.
c) Audits are a key tool for proving or disproving compliance.
d) Audits are required for proper governance of cloud systems.

07. What does “authentication” mean in a trial?
a) Evidence is considered genuine.
b) This is the stage at which a judge is assigned and known to both parties.
c) A witness is approved as an expert and their testimony will be considered.
d) Both parties involved in a lawsuit are declared.

08. Alice wants to update, but not replace, a file via a REST API. What method should Alice use?
a) GET
b) POST
c) PATCH
d) PUT

09. Upon investigation of a potential incident, what should be performed first?
a) The master account credentials should be retrieved and used to perform an investigation of the metastructure to ensure that the attacker is no longer in the management plane.
b) Every account should be logged off and their passwords reset.
c) Every server should be terminated.
d) Snapshots of every instance should be performed using APIs.

10. Chris is looking to procure a new CRM SaaS solution for his organization’s business unit. What is the first step Chris should take as part of performing a risk assessment of a potential vendor?
a) Determine monthly costs.
b) Ask reference clients about their satisfaction with the product.
c) Determine the level of sensitivity of data that will be stored in the application.
d) Obtain and review supplier documentation.

Answers:

Question: 01: Answer: d

Question: 02: Answer: b

Question: 03: Answer: b

Question: 04: Answer: d

Question: 05: Answer: b

Question: 06: Answer: c

Question: 07: Answer: a

Question: 08: Answer: c

Question: 09: Answer: a

Question: 10: Answer: d



How to Register for CCSK Foundation Certification Exam?


● Visit the site to register for the CCSK Foundation Certification Exam.
