CCSK Exam Simulator 3 Review Questions and Answers
Which common component of big data is focused on the mechanisms used to ingest large volumes of data, often of a streaming nature? - Distributed data collection
What is a core tenet of risk management? - You can manage, transfer, accept or avoid the risks
When designing an encryption system, you should start with a threat model - TRUE
CCM: In the CCM tool, "encryption and key management" is an example of which of the following? - Domain
Which facet is focused on protecting the management plane components, such as web and API servers, from attacks? - Perimeter security
Which phase of the incident response life cycle includes creating and validating alerts? - Detection and analysis
If, in certain litigations and investigations, the actual cloud application or environment itself is relevant to resolving the dispute in the litigation or the investigation, how is the information likely to be obtained? - It may require a subpoena of the provider directly
What is the order of the main phases of secure application design and development? - Train, define, design, develop, test
If the management plane has been breached, you should confirm the templates/configurations for your infrastructure or applications have not also been compromised - TRUE
You have a business relationship with a cloud provider for all sales management functionalities. Through the API and SDK, you have customized the interface and some functionality, but the back-end service is done through the cloud provider. In this relationship, which service is completed by the cloud provider? - Platform as a service (PaaS)
Which of the following statements best defines the potential advantages of security as a service (SecaaS)? - The advantage may include flexible offering of services, greater security domain knowledge and efficiency of SecaaS providers
What method can be utilized along with data fragmentation to enhance security? - Encryption
Which type of application security testing involves manual testing activity that is not necessarily integrated into automated testing? - Code review (could be wrong!)
Which of the following statements best defines "authorization" as a component of identity, entitlement and access management? - Enforcing the roles by which access is granted to the resources
What are the major factors in building and managing a secure management plane? - Perimeter security; customer authentication; internal authentication and credential passing; authorization and entitlements; logging, monitoring and alerting
Highly regulated industries such as finance and health care should consider the impact of cloud providers operating in diverse geographic locations and ........... - Legal jurisdictions
What makes the metastructure layer of cloud computing so different from traditional computing? - It includes the management plane components, which are network enabled and remotely accessible
Database activity monitoring and file activity monitoring are specifically recommended for what type of data migrations into the cloud? - Large, internal data migrations
ENISA: In infrastructure as a service (IaaS), who is responsible for guest system monitoring? - Customer
Which attack surfaces, if any, does virtualization technology introduce? - The hypervisor
Which tools discover internal uses of cloud services through various mechanisms such as network monitoring, integration with existing gateways or monitoring tools, or by monitoring DNS queries? - Cloud access gateway broker (CASB)
What is a potential benefit of using security as a service (SecaaS)? - Staffing and expertise
What are the NIST-defined essential characteristics for cloud computing? - Broad network access, rapid elasticity, measured service, on-demand self-service, resource pooling
Written for
- Institution: CCSK
- Course: CCSK
Document information
- Uploaded on: June 21, 2023
- Number of pages: 5
- Written in: 2022/2023
- Type: Exam (elaborations)
- Contains: Questions & answers