
無料2021年最新のCCSK問題集で100%合格保証には最新の サンプル
準備CCSK問題解答無料更新には100%試験合格保証 [2021]
Cloud Security Alliance CCSK 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
| トピック 6 |
|
| トピック 7 |
|
質問 20
Which one of the following is the key techniques to create cloud infrastructure?
- A. Authentication
- B. Orientation
- C. Abstraction
- D. Classification
正解: C
解説:
The key techniques to create a cloud are abstraction and orchestration. We abstract the resources from the underlying physical infrastructure to create our pools, and use orchestration (and automation) to coordinate carving out and delivering a set of resources from the pools to the consumers. As you will see, these two techniques create all the essential characteristics we use to define something as a
"cloud."
Ref: CSA Security Guidelines V4.0
質問 21
Which of the following is NOT true about CSA Cloud control metrix (CCM)?
- A. Define the Cloud Audit Methodolog
- B. Maps controls to existing standards like ISO 27001
- C. Contains security controls divided in several domains
- D. Also includes controls related to processing of personal data.
正解: A
解説:
Remember that CCM is a security framework and does not include any methodology The Cloud Security Alliance Cloud Controls Matrix(CCM) is an essential and up-to-date security controls framework that is addressed to the cloud community and stakeholders. A fundamental richness of the CCM is its ability to provide mapping and cross relationships with the main industry-accepted security
質問 22
One of key focus of ISO 27001 standard is:
- A. Develop ISMS (Information Security management system)
- B. Define organizational structure
- C. Find the data breaches in the organization
- D. Put security controls in place
正解: A
解説:
ISO/IEC 27001 is the best-known standard in the family providing requirements for an information security management system (ISMS).
An ISMS is a systematic approach to managing sensitive company information so that it remains secure.
It includes people, processes and IT systems by applying a risk management process.
質問 23
Which of the below hypervisors are 0S based and are more attractive to attackers?
- A. Type III
- B. Type V
- C. Type I
- D. Type II
正解: D
解説:
Type II hypervisors are 0S-based and more attractive to attackers. There are lot of vulnerabilities which are found not only on 0S but also in applications residing on the 0S.
質問 24
Which of the cloud service model has least maintenance or administration from a cloud customer perspective?
- A. SaaS
- B. XaaS
- C. PaaS
- D. IaaS
正解: A
解説:
SaaS requires least maintenance from the customer as all the infrastructure up to application is managed by the cloud service provider
質問 25
What is resource pooling?
- A. None of the above.
- B. Internet-based CPUs are pooled to enable multi-threading.
- C. The dedicated computing resources of each client are pooled together in a colocation facility.
- D. Placing Internet ("cloud") data centers near multiple sources of energy, such as hydroelectric dams.
- E. The provider's computing resources are pooled to serve multiple consumers.
正解: E
質問 26
A framework of containers for all components of application security. best practices. catalogued and leveraged by the ORGANIZATION is called:
- A. ANF
- B. CAF
- C. DAF
- D. ONF
正解: D
解説:
Please notice that the question is asked for the organisation and therefore, ONF is the correct answer. If the similar question is asked for a particular application then answer would ANF
質問 27
The key focus of any business continuity or disaster recovery should be:
- A. Critical infrastructure
- B. Critical assets
- C. Health and human safety
- D. Financial documents
正解: C
解説:
The primary goal of whole business continuity and disaster recovery exercise should be health and human safety.
質問 28
An adversary uses a cloud Platform to launch a DDoS attack against XYZ company. This type of risk is termed as:
- A. Abuse of Cloud services
- B. Data Breaches
- C. Account Hijacking
- D. Malicious Insider
正解: A
解説:
Malicious actors may leverage cloud computing resources to target users, Organizations or other cloud providers. Examples of misuse of cloud service-based resources include launching DDoS attacks, email spam and phishing campaigns; "mining" for digital currency; large-scale automated click fraud; brute- force compute attacks of stolen credential databases; and hosting of malicious or pirated content.
質問 29
Which of the following is not an abuse or misuse of cloud services?
- A. Phishing campaigns
- B. Email Spam
- C. Launching DDoS Attacks
- D. Data Deletion
正解: D
解説:
Please note here and understand the meaning of phrase "abuse or misuse of cloud Services". This phrase means to launch attacks or campaign by using cloud as a platform, mostly, public cloud.
質問 30
Which of the following is not one of the essential characteristics as defined by NIST 800-145?
- A. On-demand Shelf service
- B. Rapid Elasticity
- C. Broad Network Access
- D. Resource Pooling
正解: A
解説:
The key characteristic is on-demand self-service and not shelf" service.
質問 31
Which of the following are key Data functions?
- A. Access, Process & Store
- B. Access, Procure & Store
- C. Access, Procure & Save
- D. Access, Process & Save
正解: A
解説:
The key data functions are Access, process & Store
質問 32
John's Laptop was stolen. He had saved all his passwords in a text file stored in his laptop. Adversary used the passwords from the text file and gained access to company's network and sensitive databases, of which John was the data base administrator. It resulted in theft of thousands of customer information. This incident could have been prevented by?
- A. Data Loss Prevention Implementation
- B. Web Application Firewall
- C. Monitoring through SIEM device
- D. Using multi-factor authentication
正解: D
解説:
Use of multifactor authentication would have prevented adversary from logging in to the system. Other mechanisms would not help as they will see traffic coming from legimitate user.
質問 33
Which of the following is a key consideration in Data security but does not feature in Data Security Life cycle?
- A. Storage Location
- B. Storage Device
- C. Access Method
- D. Storage protocol
正解: A
解説:
The lifecycle represents the phases information passes through but doesnt address its location or how it is accessed.
質問 34
ENISA: "VM hopping" is:
- A. Using a compromised VM to exploit a hypervisor, used to take control of other VMs.
- B. Instability in VM patch management causing VM routing errors.
- C. Looping within virtualized routing systems.
- D. Improper management of VM instances, causing customer VMs to be commingled with other customer systems.
- E. Lack of vulnerability management standards.
正解: A
質問 35
Which of the followinglS0 Standard provides Code of practice for information security controls based on IS0/IEC 27002for cloud services?
- A. ISO 27032
- B. ISO 27034
- C. ISO 27017
- D. ISO 27018
正解: C
解説:
IS0 27017 provides Code of practice for information security controls based on ISO/IEC27002 for cloud services.
質問 36
ENISA: A reason for risk concerns of a cloud provider being acquired is:
- A. Non-binding agreements put at risk
- B. Arbitrary contract termination by acquiring company
- C. Resource isolation may fail
- D. Provider may change physical location
- E. Mass layoffs may occur
正解: A
質問 37
......
リアル問題集Cloud Security Alliance CCSK試験問題 [更新されたのは2021年]:https://jp.fast2test.com/CCSK-premium-file.html
無料CCSK試験問題集合格させるお手軽に試験合格:https://drive.google.com/open?id=1yZtXiCNXkCrwVh3gruyw7Q63jW1a3VPt