100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Previously searched by you
Previously searched by you
logo
CSCI 510 CCSK First Attempt real exam ALL CORRECT ANSWERS $13.48   Add to cart
Quickly navigate to
Preview
  2.  
  3. CSCI 510
  4.  
  5. CSCI 510

Exam (elaborations)

CSCI 510 CCSK First Attempt real exam ALL CORRECT ANSWERS
 1 view  0 purchase
  • Course
  • CSCI 510
  • Institution
  • CSCI 510

CSCI 510 CCSK First Attempt real exam ALL CORRECT ANSWERS Table of Contents No table of contents entries found. 1- What type of information is contained in the Cloud Security Alliance’s Cloud Control Matrix? (CCM) a- A List of cloud configurations including traffic logic efficient route...

[Show more]

Preview 2 out of 10  pages

Document information

  • December 8, 2022
  • 10
  • 2022/2023
  • Exam (elaborations)
  • Questions & answers

Subjects

  • csci 510 ccsk first attempt real exam all correct answers table of contents no table of contents entries found httpswwwccskcloudsecuritycomccsk member examccsk exam simulator 3 1 what typ

Written for

  • CSCI 510
All documents for this subject (5)

Seller

avatar-seller
LECTMAGGY

Reviews received

Content preview

CSCI 510 CCSK First Attempt real exam ALL
CORRECT ANSWERS

Table of Contents
No table of contents entries found.
https://www.ccskcloudsecurity.com/ccsk-member-exam/ccsk-exam-simulator-3/

1- What type of information is contained in the Cloud
Security Alliance’s Cloud Control Matrix? (CCM)
a- A List of cloud configurations including traffic logic efficient routes
b- A number of requirements to be implemented based upon numerous standards
and regulatory requirements
c- The command and control management hierarchy of a typical cloud company
d- Network traffic rule for cloud env.
e- Federal legal business requirements for all cloud operator

4- What Makes cloud assets less resilient compared with a
traditional infrastructure? (Domain 1)
a- Greater fragility of virtualized resources
b- Less cost effective
c- Not scalable
d- API access
e- Less management oversight

8- In addition to preventing primary customer data, legal
experts advise cloud providers to protect secondary
information such as (Domain-3)
a- Database of relevant regulations
b- Datacenter visitors log
c- Metadata (if available)
d- Third party contracts (did not have snapshot of my answer not sure of this)
e- Operating system configuration script

9- CCM: A hypothetical company called “Security4 Sure”
provides a cloud based service to share confidential
documents. The confidential documents are stored in
their servers and are encrypted. How will Security4Sure
ensure the protection of client data within their data
center?
a- Encrypt data at rest and put in place appropriate measures for management
of encryption keys

, b- Audit plans should not be adopted and supported by the most senior
governing elements of the organization (e.g. the board and the management)
c- Use a secure transfer channel (i.e TLS)
d- Implement redundant or backup power supplied, redundant data communications
connections, environmental controls (e.g. air conditioning, fire suppression) and
various security devices

10- CCM: In the identity & Access Management (IAM)
domain, what does the number ‘04’ in IAM-04
signify? (CCM)
a- There are 4 controls in that particular domain
b- The control ID is a random number assigned to the control
c- It is the 4th control in the IAM domain (need to check again)
d- None of the above

11- which type of application security testing tests
running applications and includes tests such as web
vulnerability testing and fuzzing? (Domain 10)
a- Functional testing
b- Static Application Security Testing (SAST)
c- Dynamic Application Security Testing (DAST)
d- Code Review
e- Unit Testing


16- if a provider’s infrastructure is not in scope, who is
responsible for building complaint applications and
services? (Domain 7)
a- No one. It is an accepted risk that is written into the terms and conditions
with customers
b- It is up to the consumer and provider to negotiate the solution ( I think I answered this
in test)
c- The provider must create a separate tenant for each customer based on the
various compliance regulations.
d- The customer is responsible for compliant applications and services
e- The provider must update or fix whatever is not in compliance

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller LECTMAGGY. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $13.48. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

82871 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$13.48
  • (0)
  Add to cart