
[2022年11月14日]CCSK試験問題集で100%合格率CCSK試験!
試験問題集リアルCloud Security Knowledge問題集60解答を試そう!
Cloud Security Alliance CCSK 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
| トピック 6 |
|
| トピック 7 |
|
| トピック 8 |
|
質問 14
What is the key benefit provided to the customer in Infrastructure as a Service model?
- A. Reduction of Risk
- B. Transfer of cost of ownership
- C. Scalability
- D. Governance
正解: B
解説:
Transfer of cost of ownership is the key benefit of IaaS model.
質問 15
How can virtual machine communications bypass network security controls?
- A. VM communications may use a virtual network on the same hardware host
- B. Most network security systems do not recognize encrypted VM traffic
- C. The guest OS can invoke stealth mode
- D. Hypervisors depend upon multiple network interfaces
- E. VM images can contain rootkits programmed to bypass firewalls
正解: A
質問 16
CCM: In the CCM tool, a _____________________ is a measure that modifies risk and includes any process, policy, device, practice or any other actions which modify risk.
- A. Control Specification
- B. Domain
- C. Risk Impact
正解: A
質問 17
Insufficient Identity. Credential and Access Management can lead to which of the following?
- A. Tampering with Data
- B. All of the above
- C. Information Disclosure
- D. Spoofing Identity
正解: B
解説:
Sufficient Identity and Access Management practice should be followed in cloud environment.
Weakness in Identity, Credential and Access Management can lead to all types of threats as a compromised credential opens door to complete internal infrastructure.
質問 18
In a cloud scenario. who is the data processor and who is the data controller?
- A. Cloud Service Provider is the data processor and its customer is the data controller
- B. Cloud Service Provider is the data controller and its customer is the data processor
- C. Neither cloud service provider nor customer is data processor or data controller.
- D. Database admin is the data controller and application owner is the data processor
正解: A
解説:
The customer determines the ultimate purpose of the processing and decides on the outsourcing or the delegation of all or part of the concerned activities to external organizations. Therefore, the customer acts as a controller.
When the service provider supplies the means and the platform, acting on behalf of the customer, it is considered to be a data processor.
質問 19
Which cloud storage technology is basically a virtual hard drive for instanced or VMs?
- A. Database
- B. Application
- C. Platform
- D. Object storage
- E. Volume storage
正解: E
質問 20
Why is a service type of network typically isolated on different hardware?
- A. It has distinct functions from other networks
- B. It requires distinct access controls
- C. It manages the traffic between other networks
- D. It requires unique security
- E. It manages resource pools for cloud consumers
正解: C
質問 21
ln order to determine critical assets and processes of the organization, it must first conduct a:
- A. Business Impact Analysis(BIA)
- B. Host hardening
- C. Datacentre monitoring
- D. Risk Assessment
正解: A
解説:
This is a process known as the business impact analysis(BIA). We determine a value for every asset(usually in terms of dollars),,what it would cost the organization if we lost that asset(either temporarily or permanently), what it would cost to replace or repair that asset, and any alternate methods for dealing with that loss.
質問 22
Which layer is the most important for securing because it is considered to be the foundation for secure cloud operations?
- A. Metastructure
- B. Infostructure
- C. Datastructure
- D. Applistructure
- E. Infrastructure
正解: E
質問 23
Which of the following help to intermediate IAM between an organization's existing identity providers and many different cloud services used by the organization?
- A. Relying Party
- B. Cloud Access Security Broker
- C. Federated Identity Provider
- D. Active Director
正解: C
解説:
One of the better-known categories heavily used in cloud security is Federated Identity Brokers. These services help intermediate IAM between an organization's existing identity providers(internal Security Guidance v4.0 Copyright2017. Cloud Security Alliance. All rights reserved or cloud-hosted directories) and the many different cloud services used by the organization. They can provide web-based Single Sign
0n(SS0). helping ease some of the complexity of connecting to a wide range of external services that use different federation configurations.
Reference: CSA Security Guidelines V.4(reproduced here for the educational purpose)
質問 24
Which is the most important trust mechanism between cloud service provider and cloud customer?
- A. Logging and Monitoring reports
- B. Audit reports
- C. Meeting SLA requirements
- D. Contract
正解: D
解説:
Contract is the most important document which defines trust and relationship between cloud service provider and the customer.
質問 25
Which of the following is NOT a cloud computing characteristic that impacts incidence response?
- A. The on demand self-service nature of cloud computing environments.
- B. Privacy concerns for co-tenants regarding the collection and analysis of telemetry and artifacts associated with an incident.
- C. The possibility of data crossing geographic or jurisdictional boundaries.
- D. The resource pooling practiced by cloud services, in addition to the rapid elasticity offered by cloud infrastructures.
- E. Object-based storage in a private cloud.
正解: B
質問 26
What is the best way to ensure that all data has been removed from a public cloud environment including all media such as back-up tapes?
- A. Allowing the cloud provider to manage your keys so that they have the ability to access and delete the data from the main and back-up storage.
- B. Practice Integration of Duties (IOD) so that everyone is able to delete the encrypted data.
- C. Maintaining customer managed key management and revoking or deleting keys from the key management system to prevent the data from being accessed again.
- D. Both B and D.
- E. Keep the keys stored on the client side so that they are secure and so that the users have the ability to delete their own data.
正解: C
質問 27
"Resource usage can be monitored, controlled, and reported, providing transparency for both the provider and consumer of the utilized service. " Which of the following characteristics defines this?
- A. Measured service
- B. Rapid elasticity
- C. Broad network access
- D. Resource pooling
正解: A
解説:
Measured service is defined as "Resource usage can be monitored, controlled, and reported, providing transparency for both the provider and consumer of the utilized service. "
質問 28
Which governance domain deals with evaluating how cloud computing affects compliance with internal security policies and various legal requirements, such as regulatory and legislative?
- A. Infrastructure Security
- B. Legal Issues: Contracts and Electronic Discovery
- C. Compliance and Audit Management
- D. Information Governance
- E. Governance and Enterprise Risk Management
正解: C
質問 29
When creating business strategies for cloud migration. which is the most important aspect?
- A. Valuating current staff for their capabilities
- B. Hiring a cloud broker
- C. Due Diligence when inspecting technologies and choosing cloud provider
- D. Choosing the right auditor
正解: C
解説:
Due Diligence is most important aspect when considering adoption to the cloud
質問 30
......
あなたを余裕でCCSK試験合格させます!100%高合格率保証:https://jp.fast2test.com/CCSK-premium-file.html
CCSK問題集本日限定!無料アクセス可能に!:https://drive.google.com/open?id=1yZtXiCNXkCrwVh3gruyw7Q63jW1a3VPt