CCSK 無料問題集「Cloud Security Alliance Certificate of Cloud Security Knowledge (v4.0)」

（A）False

（B）True

（A）Database Activity Monitoring

（B）Data Loss Prevention

（C）URL filters

（D）Intrusion Prevention System

（E）Cloud Access and Security Brokers (CASB)

（A）To increase the speed of data retrieval within the cloud environment

（B）To apply appropriate security controls based on asset sensitivity and importance

（C）To reduce the overall cost of cloud storage solutions

（D）To automate the data encryption process across all cloud services

（A）AI workloads do not require special security considerations compared to other workloads.

（B）AI workloads should be isolated in secure environments with strict access controls.

（C）AI workloads should be openly accessible to foster collaboration and innovation.

（D）Security practices for AI workloads should focus solely on protecting the AI models.

（A）Changes made in production are overwritten by the next code or template change.

（B）It depends on how the automation is configured.

（C）Changes made in test are overwritten by the next code or template change.

（D）Nothing.

（E）Changes made in production are untouched by the next code or template change.

（A）It aids in determining the source IP of the attacker.

（B）To prevent further unauthorized access and limit the management plane blast radius.

（C）Because it simplifies the recovery process and increases the response time.

（D）To facilitate the eradication of malware.

（A）Enhancing user experience with intuitive interfaces.

（B）Increasing scalability and flexibility of cloud solutions.

（C）Ensuring compliance with regulatory requirements and internal policies.

（D）Maximizing cost savings through resource optimization.

（A）Simplifies the management by providing standardized IAM protocols.

（B）Reduces costs by leveraging different pricing models.

（C）Adds complexity by requiring separate configurations and integrations.

（D）Ensures better security by offering diverse IAM models.

（A）Platform as a Service (PaaS)

（B）Software as a Service (SaaS)

（C）Infrastructure as a Service (laaS)

（D）Network as a Service (NaaS)

（A）Focusing on the compliance requirements defined by the laws, regulations, and standards enforced in the jurisdiction where the company is based

（B）Understanding the legal and regulatory requirements of each jurisdiction where data originates, is stored, or processed

（C）Relying on the cloud service provider's compliance certifications for all jurisdictions

（D）Relying only on established industry standards since they adequately address all compliance needs

（A）It monitors unauthorized access attempts

（B）It secures data stored as objects

（C）It compresses data to save space

（D）It speeds up data retrieval times

（A）Risk assessment

（B）Incident response

（C）Vulnerability assessment

（D）Threat modeling

（A）Debug Logs

（B）Network Logs

（C）(Service and Application Logs

（D）Security Logs

（A）False

（B）True