CSA CCSK Exam Practice Test Instant Access

Question 1

What does it mean if the system or environment is built automatically from a template?

ANothing.

BIt depends on how the automation is configured.

CChanges made in production are overwritten by the next code or template change.

DChanges made in test are overwritten by the next code or template change.

EChanges made in production are untouched by the next code or template change.

Answer : D

Question 2

When designing an encryption system, you should start with a threat model.

AFalse

BTrue

Answer : B

Question 3

When mapping functions to lifecycle phases, which functions are required to successfully process data?

ACreate, Store, Use, and Share

BCreate and Store

CCreate and Use

DCreate, Store, and Use

ECreate, Use, Store, and Delete

Answer : A

Question 4

For third-party audits or attestations, what is critical for providers to publish and customers to evaluate?

AScope of the assessment and the exact included features and services for the assessment

BProvider infrastructure information including maintenance windows and contracts

CNetwork or architecture diagrams including all end point security devices in use

DService-level agreements between all parties

EFull API access to all required services

Answer : C

Question 5

CCM: The Architectural Relevance column in the CCM indicates the applicability of the cloud security control to which of the following elements?

AService Provider or Tenant/Consumer

BPhysical, Network, Compute, Storage, Application or Data

CSaaS, PaaS or IaaS

Answer : C

Question 6

Which of the following statements is true in regards to Data Loss Prevention (DLP)?

ADLP can provide options for quickly deleting all of the data stored in a cloud environment.

BDLP can classify all data in a storage repository.

CDLP never provides options for how data found in violation of a policy can be handled.

DDLP can provide options for where data is stored.

EDLP can provide options for how data found in violation of a policy can be handled.

Answer : E

Question 7

Audits should be robustly designed to reflect best practice, appropriate resources, and tested protocols and standards. They should also use what type of auditors?

AAuditors working in the interest of the cloud customer

BIndependent auditors

CCertified by CSA

DAuditors working in the interest of the cloud provider

ENone of the above