Question No. 1

If there are gaps in network logging data, what can you do?

ANothing. There are simply limitations around the data that can be logged in the cloud.

BAsk the cloud provider to open more ports.

CYou can instrument the technology stack with your own logging.

DAsk the cloud provider to close more ports.

ENothing. The cloud provider must make the information available.

Show Answer

Correct Answer: C

Question No. 2

What method can be utilized along with data fragmentation to enhance security?

AEncryption

BOrganization

CKnowledge management

DIDS

EInsulation

Show Answer

Correct Answer: E

Question No. 3

How does running applications on distinct virtual networks and only connecting networks as needed help?

AIt reduces hardware costs

BIt provides dynamic and granular policies with less management overhead

CIt locks down access and provides stronger data security

DIt reduces the blast radius of a compromised system

EIt enables you to configure applications around business groups

Show Answer

Correct Answer: D

Question No. 4

Which of the following statements are NOT requirements of governance and enterprise risk management in a cloud environment?

AInspect and account for risks inherited from other members of the cloud supply chain and take active measures to mitigate and contain risks through operational resiliency.

BRespect the interdependency of the risks inherent in the cloud supply chain and communicate the corporate risk posture and readiness to consumers and dependent parties.

CNegotiate long-term contracts with companies who use well-vetted software application to avoid the transient nature of the cloud environment.

DProvide transparency to stakeholders and shareholders demonstrating fiscal solvency and organizational transparency.

EBoth B and C.

Show Answer

Correct Answer: C

Question No. 5

What is a core tenant of risk management?

AThe provider is accountable for all risk management.

BYou can manage, transfer, accept, or avoid risks.

CThe consumers are completely responsible for all risk.

DIf there is still residual risk after assessments and controls are in
place, you must accept the risk.

ERisk insurance covers all financial losses, including loss of
customers.

Show Answer

Correct Answer: B

Free CSA CCSK Exam Actual Questions

The questions for CCSK were last updated On Jan 18, 2025