최신 CCSK 무료덤프 - Cloud Security Alliance Certificate of Cloud Security Knowledge (v4.0)

A. Federation

B. Continuous Monitoring

C. Principle of Least Privilege

D. Segregation of Duties

A. It compresses data to save space

B. It monitors unauthorized access attempts

C. It speeds up data retrieval times

D. It secures data stored as objects

A. True

B. False

A. Cloud providers are responsible for everything under the 'limited O responsibilities clauses.' The customer and the provider have joint accountability.

B. Organizations are accountable for the security and compliance of their data and systems, even though they may lack full visibility into their cloud provider's infrastructure.

C. Data ownership rights are solely determined by the cloud provider, leaving organizations with no control or accountability over their data.

D. Cloud providers assume full responsibility for the security obligations, and cloud customers are accountable for overall compliance.

A. Static resource allocation

B. Manual patch management

C. Ad hoc security policies

D. Automated compliance checks

A. Network Logs

B. (Service and Application Logs

C. Debug Logs

D. Security Logs

A. They provide real-time threat detection and response

B. They track cloud administrative activities

C. They report on user activities within applications

D. They detail the network traffic between cloud services

A. It enables you to configure applications around business groups

B. It locks down access and provides stronger data security

C. It reduces the blast radius of a compromised system

D. It reduces hardware costs

E. It provides dynamic and granular policies with less management overhead

A. True

B. False

A. It always requires the customer's own encryption keys

B. It is not available without an additional premium service

C. It does not support encryption for data at rest

D. It uses the cloud provider's keys, often at no additional cost

A. More physical control over assets and processes.

B. Greater reliance on contracts, audits, and assessments due to lack of visibility or management.

C. Decreased requirement for proactive management of relationship and adherence to contracts.

D. Increased need, but reduction in costs, for managing risks accepted by the cloud provider.

E. None of the above.

A. Platform as a Service (PaaS)

B. Software as a Service (SaaS)

C. Network as a Service (NaaS)

D. Infrastructure as a Service (laaS)

A. Governance and Retention Management

B. Governing and Risk Metrics

C. Governance and Risk Management

A. Provider may change physical location

B. Mass layoffs may occur

C. Non-binding agreements put at risk

D. Arbitrary contract termination by acquiring company

E. Resource isolation may fail