CCSK PDF Question Set: Questions Most Recently Updated on April 25, 2024 [Q54-Q76]


CCSK exam questions: valid CCSK question set PDF


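The Cloud Security Alliance CCSK (Certificate of Cloud Security Knowledge (v4.0)) certification exam is a globally recognized certification exam that assesses cloud security skills and knowledge. The exam is designed to assess understanding of cloud security principles, concepts, and best practices. The certification is vendor-neutral and covers a broad range of topics related to data security, compliance, governance, architecture, and operations.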

 

Question # 54
One of the key technologies that have made cloud computing viable is:

  • A. VLANs
  • B. Virtualization
  • C. Distributed networking
  • D. Storage controllers

Correct answer: B

Explanation:
Virtualization technologies enable cloud computing to become a real and scalable service offering due to the savings, sharing, and allocations of resources across multiple tenants and environments.


Question # 55
Which of the following storage types is typically used for swap files and other temporary storage needs and is terminated with its instance?

  • A. Content Deliver
  • B. Object based Storage
  • C. Raw Storage
  • D. Ephemeral Storage

Correct answer: D

Explanation:
Ephemeral storage: This type of storage is relevant for SaaS instances and exists only as long as its instance is up. It is typically used for swap files and other temporary storage needs and is terminated with its instance.


Question # 56
According to the Cloud Security Alliance logical model of cloud computing, which of the following defines the protocols and mechanisms that provide the interface between the infrastructure layer and the other layers?

  • A. Metastructure
  • B. Applistructure
  • C. Infrastructure
  • D. Infostructure

Correct answer: A

Explanation:
According to CSA Security Guidelines 4.0, metastructure is defined as the protocols and mechanisms that provide the interface between the infrastructure layer and the other layers. It is the glue that ties the technologies together and enables management and configuration.


Question # 57
CCM: In the CCM tool, "Encryption and Key Management" is an example of which of the following?

  • A. Control Specification
  • B. Risk Impact
  • C. Domain

Correct answer: C


Question # 58
Which one of the following is the key tool of Cloud Governance?

  • A. Data classification
  • B. Auditor Selection
  • C. Business Impact Analysis(BIA)
  • D. Contracts

Correct answer: D

Explanation:
The primary tool of governance is the contract between a cloud provider and a cloud customer (this is true for public and private cloud). The contract is your only guarantee of any level of service or commitment.
Ref: CSA Security Guidance V4.0


Question # 59
"Standards like the SSAE16 have a defined scope, which includes both what is assessed (e.g. which of the provider's services) as well as which controls are assessed. A provider can thus 'pass' an audit that doesn't include any security controls, which isn't overly useful for security and risk managers." True or False?

  • A. True
  • B. False

Correct answer: A

Explanation:
This is true. When a cloud assessment is done, it is very important to understand the scope of the audit and the standard used. In the statement above, we can see that the audit scope of SSAE16 is decided by the cloud provider and can be very limited, and one may not get full visibility into the security of the cloud service provider.


Question # 60
ENISA: "VM hopping" is:

  • A. Instability in VM patch management causing VM routing errors.
  • B. Looping within virtualized routing systems.
  • C. Using a compromised VM to exploit a hypervisor, used to take control of other VMs.
  • D. Lack of vulnerability management standards.
  • E. Improper management of VM instances, causing customer VMs to be commingled with other customer systems.

Correct answer: C


Question # 61
In the Software-as-a-service relationship, who is responsible for the majority of the security?

  • A. Cloud Provider
  • B. Application Consumer
  • C. Web Application CISO
  • D. Database Manager
  • E. Application Developer

Correct answer: A


Question # 62
The Software Defined Perimeter (SDP) includes which components?

  • A. Controller, Firewall, and Gateway
  • B. Client, Firewall, and Gateway
  • C. Client, Controller, and Firewall
  • D. Client, Controller, and Gateway
  • E. Client, Controller, Firewall, and Gateway

Correct answer: D


Question # 63
Which of the following is NOT a characteristic of cloud computing?

  • A. Reduced personnel cost
  • B. On-demand self service
  • C. Resource Pooling
  • D. Metered service

Correct answer: A

Explanation:
The characteristics of cloud computing are:
1. On-demand self-service: A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider.
2. Broad network access: Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops and workstations).
3. Resource pooling: The provider's computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of abstraction (e.g., country, state or datacenter). Examples of resources include storage, processing, memory and network bandwidth.
4. Rapid elasticity: Capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly outward and inward commensurate with demand. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be appropriated in any quantity at any time.
5. Measured service: Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth and active user accounts). Resource usage can be monitored, controlled and reported, providing transparency for the provider and consumer.


Question # 64
To understand their compliance alignments and gaps with a cloud provider, what must cloud customers rely on?

  • A. Third-party attestations
  • B. Provider and consumer contracts
  • C. Provider run audits and reports
  • D. Provider documentation
  • E. EDiscovery tools

Correct answer: A


Question # 65
Which of the following can result in vendor lock-in?

  • A. technology
  • B. Proprietary data formats
  • C. Large datasets
  • D. Favourable contract in favour of customer

Correct answer: B

Explanation:
Proprietary data formats should be avoided. This can result in vendor lock-in.


Question # 66
Which of the following is typically a policy set that defines ingress and egress rules that can apply to single assets or groups of assets, regardless of network location?

  • A. API Gateway
  • B. Database Activity Monitor
  • C. Security Groups
  • D. Intrusion Detection System

Correct answer: C

Explanation:
SDN firewalls (e.g., security groups) can apply to assets based on more flexible criteria than hardware-based firewalls, since they aren't limited based on physical topology. (Note that this is true of many types of software firewalls, but is distinct from hardware firewalls.) SDN firewalls are typically policy sets that define ingress and egress rules that can apply to single assets or groups of assets, regardless of network location (within a given virtual network).
Reference: CSA Security Guidelines V.4 (reproduced here for educational purposes)


Question # 67
In which service model does the cloud security provider have the least responsibility?

  • A. XaaS
  • B. IaaS
  • C. PaaS
  • D. SaaS

Correct answer: B

Explanation:
In the IaaS service model, the CSP is responsible only for the physical infrastructure.


Question # 68
Which of the following is the correct pair of risk management standards?

  • A. ISO27002 & ISO27005
  • B. ISO31000 & ISO27017
  • C. ISO27005 & ISO31000
  • D. ISO27001 & ISO27018

Correct answer: C

Explanation:
ISO27005 refers to processes for IT Risk Management, whereas ISO31000 refers to Enterprise Risk Management.


Question # 69
Database as a Service is an example of:

  • A. Platform as a Service(PaaS)
  • B. Software as a Service(SaaS)
  • C. Program as a Service(PaaS)
  • D. Infrastructure as a Service(IaaS)

Correct answer: A

Explanation:
One option, frequently seen in the real world and illustrated in our model, is to build a platform on top of IaaS. A layer of integration and middleware is built on IaaS, then pooled together, orchestrated, and exposed to customers using APIs as PaaS. For example, a Database as a Service could be built by deploying modified database management system software on instances running in IaaS. The customer manages the database via API (and a web console) and accesses it either through the normal database network protocols, or, again, via API.
Ref: CSA Security Guidelines V4.0


Question # 70
Private clouds can be hosted off-premises as well.

  • A. True
  • B. False

Correct answer: A

Explanation:
It is true. This is how private cloud is defined.
Private Cloud: The cloud infrastructure is operated solely for a single organization. It may be managed by the organization or by a third party and may be located on-premises or off-premises.


Question # 71
When investigating an incident in an Infrastructure as a Service (IaaS) environment, what can the user investigate on their own?

  • A. Their own virtual instances in the cloud
  • B. The network components controlled by the CSP
  • C. The logs of all customers in a multi-tenant cloud
  • D. The CSP server facility
  • E. The CSP office spaces

Correct answer: A


Question # 72
Which of the following statements are NOT requirements of governance and enterprise risk management in a cloud environment?

  • A. Provide transparency to stakeholders and shareholders demonstrating fiscal solvency and organizational transparency.
  • B. Inspect and account for risks inherited from other members of the cloud supply chain and take active measures to mitigate and contain risks through operational resiliency.
  • C. Both B and C.
  • D. Negotiate long-term contracts with companies who use well-vetted software application to avoid the transient nature of the cloud environment.
  • E. Respect the interdependency of the risks inherent in the cloud supply chain and communicate the corporate risk posture and readiness to consumers and dependent parties.

Correct answer: D


Question # 73
According to ISO 27018, the data processor has explicit control over how CSPs are to use PII.

  • A. False
  • B. True

Correct answer: A

Explanation:
In ISO 27018, it is the customer who has explicit right over how CSPs will use their information.


Question # 74
Which type of application security testing tests running applications and includes tests such as web vulnerability testing and fuzzing?

  • A. Code Review
  • B. Dynamic Application Security Testing (DAST)
  • C. Functional Testing
  • D. Unit Testing
  • E. Static Application Security Testing (SAST)

Correct answer: B


Question # 75
Which communication methods within a cloud environment must be exposed for partners or consumers to access database information using a web application?

  • A. Software Development Kits (SDKs)
  • B. Application Programming Interface (API)
  • C. Extensible Markup Language (XML)
  • D. Application Binary Interface (ABI)
  • E. Resource Description Framework (RDF)

Correct answer: B


Question # 76
......


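The Cloud Security Alliance CCSK (Certificate of Cloud Security Knowledge (v4.0)) exam is a certification program designed to validate knowledge and skills in cloud security. The certification is highly sought after in the industry and is recognized worldwide as a benchmark for cloud security knowledge. The program covers a broad range of topics, including cloud architecture, governance, compliance, operations, encryption, and virtualization.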

 

The CCSK question set has 120 practice questions to make sure you pass: https://www.jpntest.com/shiken/CCSK-mondaishu
