
[2024年01月] 最新のCloud Security Alliance CCSKテスト問題集とオンライン試験エンジン
Cloud Security Alliance CCSK問題を提供していますCloud Security Knowledge問題集と完璧な解答付き
質問 # 10
How can web security as a service be deployed for a cloud consumer?
- A. On the premise through a software or appliance installation
- B. By proxying or redirecting web traffic to the cloud provider
- C. None of the above
- D. By utilizing a partitioned network drive
- E. Both A and C
正解:B
質問 # 11
What are the encryption options available for SaaS consumers?
- A. Object encryption Volume storage encryption
- B. Client/application and file/folder encryption
- C. Provider-managed and (sometimes) proxy encryption
- D. Any encryption option that is available for volume storage, object storage, or PaaS
正解:C
質問 # 12
What is defined as the process by which an opposing party may obtain private documents for use in litigation?
- A. Subpoena
- B. Custody
- C. Scope
- D. Risk Assessment
- E. Discovery
正解:E
質問 # 13
Which of the standards is related to risk management?
- A. ISO 27001
Visit us athttps://www.examsboost.com/test/ccsk/ - B. NIST 800-125
- C. ISO 27002
- D. ISO 27005
正解:D
解説:
lS0 27005 'provides guidelines for information security risk management' and 'supports the general concepts specified in ISO/IEC 27001 and is designed to assist the satisfactory implementation of information security based on a risk management approach.'
質問 # 14
Which of the following is NOT one of the common networks underlying in Cloud Infrastructure?
- A. Management Network
- B. Storage Network
- C. Security Network
- D. Service Network
正解:C
解説:
If you are a cloud provider (including managing a private cloud), physical segregation of networks composing your cloud is important for both operational and security reasons. We most commonly see at least three different networks which are isolated onto dedicated hardware since there is no functional or traffic overlap:
1. The service network for communications between virtual machines and the Internet. This builds the network resource pool for the cloud users.
2. The storage network to connect virtual storage to virtual machines.
3. A management network for management and API traffic.
Ref: Reference: CSA Security GuidelinesV.4 (reproduced here for the educational purpose)
質問 # 15
What is known as the interface used to connect with the metastructure and configure the cloud environment?
- A. Identity and Access Management
- B. Cloud dashboard
- C. Single sign-on
- D. Administrative access
- E. Management plane
正解:E
質問 # 16
Any given processor and memory will nearly always be running multiple workloads, often from different tenants.
- A. False
- B. True
正解:B
質問 # 17
In cloud services. risks and responsibilities are shared between the cloud provider and customer.
however. which of the following holds true?
- A. Cloud Customer liability is limited to financial responsibility
- B. Cloud Provider liability is limited to financial responsibility
- C. Cloud provider has ultimate legal liability for unauthorised and illicit data disclosures
- D. Cloud Customer has ultimate legal liability for unauthorised and illicit data disclosures
正解:D
解説:
In a shared responsibility model. Data security is responsibility of the cloud consumer and he is legally liable.
質問 # 18
Operating System management is done by customer in which service model of cloud computing?
- A. PaaS
- B. SaaS
- C. IaaS
- D. XaaS
正解:C
解説:
In IaaS model. operating system is managed by the customer
質問 # 19
When mapping functions to lifecycle phases, which functions are required to successfully process data?
- A. Create and Use
- B. Create, Store, and Use
- C. Create, Store, Use, and Share
- D. Create, Use, Store, and Delete
- E. Create and Store
正解:C
質問 # 20
In Platform as a Service (PaaS), platform security is a responsibility of:
- A. Cloud service provider
- B. Customer
- C. It's a shared responsibility
- D. Neither of them
正解:C
解説:
This is a very confusing question and we need to understand that its a shared responsibility between cloud service provider and customer.
質問 # 21
Which of the following is key component of regulated PII components?
- A. Data disclosure
- B. Cloud Service Provider Consent
- C. E-discovery
- D. Mandatory Breach Reporting
正解:D
解説:
The key component and differentiator related to regulated PII is mandatory breach reporting requirements. At present. 47 states and territories within the United States, including the District of Columbia. Puerto Rico. and the Virgin Islands, have legislation in place that requires both private and government entities to notify and inform individuals of any security breaches involving PII.
質問 # 22
Who is responsible for Application Security in Software as a Service(SaaS) service model?
- A. Cloud Service Provider
- B. Cloud Carrier
- C. Cloud Customer
- D. It's a shared responsibility between Cloud Service Provider and Cloud Customer
正解:D
解説:
Its always a shared responsbility
質問 # 23
Which of the following is most commonly used to program Application Programming Interface(API)?
- A. HTTP
- B. REST
- C. SOAP
- D. JSON
正解:B
解説:
APIs are typically REST for cloud services, since REST is easy to implement across the Internet. REST APIs have become the standard for web-based services since they run over Hl'-P/S and thus work well across diverse environments.
Reference: CSA Security GuidelinesV.4 (reproduced here for the educational purpose)
質問 # 24
Which one of the following is an example of misuse or abuse of cloud services?
- A. XSS attacks
- B. Account Hijacking
- C. DDoS Attack
- D. Honeypot
正解:C
解説:
Public cloud platform can be used to launch DDoS attack on other platforms.
Please note here and understand the meaning of phrase "abuse or misuse of cloud Services" This phrase means to launch attacks or campaign by using cloud as a platform. mostly. public cloud.
質問 # 25
An agreed-upon description of the attributes of a product. at a point in time that serves as a basis for defining change is called:
- A. Baseline
- B. Standardization
- C. Secured Server
- D. Trusted Module
正解:A
解説:
A baseline is an agreed-upon description of the attributes of a product. at a point in time that serves as a basis for defining change.
質問 # 26
Who is responsible for Governance, Risk & Compliance in Software as a Service(SaaS) service model?
- A. Cloud Service Provider
- B. Cloud Customer
- C. Cloud Carrier
- D. It's a shared responsibility between Cloud Service Provider and Cloud Customer
正解:B
解説:
Remember, GRC will always remain responsibility of the cloud customer in all service models
質問 # 27
Which of the following items is NOT an example of Security as a Service (SecaaS)?
- A. Spam filtering
- B. Authentication
- C. Intrusion detection
- D. Provisioning
- E. Web filtering
正解:D
質問 # 28
Which of the following are communications method for components within a cloud, some of which (or an entirely different set) are exposed to the cloud user to manage their resources and configurations?
- A. Data Identifiers
- B. IPSEC
- C. Application Programming Interfaces (API)
- D. API Gateway
正解:C
解説:
All this is facilitated using Application Programming Interfaces, APIs are typically the underlying communications method for components within a cloud. some of which (or an entirely different set) are exposed to the cloud user to manage their resources and configurations. Most cloud APIs these days use REST (Representational State Transfer). which runs over the HTTP protocol, making it extremelywe11 suited for Internet services.
Ref: CSA Security Guidelines V4.0
質問 # 29
What of the following is NOT an essential characteristic of cloud computing?
- A. Resource Pooling
- B. Broad Network Access
- C. Third Party Service
- D. Rapid Elasticity
- E. Measured Service
正解:C
質問 # 30
......
2024年最新のCCSKテスト解説(更新されたのは120問があります):https://jp.fast2test.com/CCSK-premium-file.html
信頼され続けるCCSK試験のコツがあるPDF試験材料:https://drive.google.com/open?id=1bv7VZnGfrP7KIo9sv1T7gU5_Bopdng6X