Is this exam completely free?

ExamCademy offers a free preview for every exam, covering around 20% of the total questions. Full access to all questions is available for free by signing up for an account. Optional supporters unlock AstroTutor (AI tutor) and advanced study modes.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! ExamCademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our practice questions are community-created and moderator-reviewed to align with realistic exam objectives, style, and difficulty.

CCSK by CSA - Page 1 | ExamCademy

Mode Selection

Question 1

Question 2

Question 3

How can web security as a service be deployed for a cloud consumer?

A By proxying or redirecting web traffic to the cloud provider
B By utilizing a partitioned network drive
C On the premise through a software or appliance installation
D Both A and C
E None of the above

Question 4

When configured properly, logs can track every code, infrastructure, and configuration change and connect it back to the submitter and approver, including the test results.

A False
B True

Question 5

What of the following is NOT an essential characteristic of cloud computing?

A Broad Network Access
B Measured Service
C Third Party Service
D Rapid Elasticity
E Resource Pooling

Question 6

Without virtualization, there is no cloud.

A False
B True

Question 7

All assets require the same continuity in the cloud.

A False
B True

Question 8

Which type of application security testing tests running applications and includes tests such as web vulnerability testing and fuzzing?

A Code Review
B Static Application Security Testing (SAST)
C Unit Testing
D Functional Testing
E Dynamic Application Security Testing (DAST)

Question 9

CCM: The Cloud Service Delivery Model Applicability column in the CCM indicates the applicability of the cloud security control to which of the following elements?

A Mappings to well-known standards and frameworks
B Service Provider or Tenant/Consumer
C Physical, Network, Compute, Storage, Application or Data
D SaaS, PaaS or IaaS

Question 10

Any given processor and memory will nearly always be running multiple workloads, often from different tenants.

A False
B True

Question 11

In which deployment model should the governance strategy consider the minimum common set of controls comprised of the Cloud Service Provider contract and the organization's internal governance agreements?

A Public
B PaaS
C Private
D IaaS
E Hybrid

Question 12

What is known as the interface used to connect with the metastructure and configure the cloud environment?

A Administrative access
B Management plane
C Identity and Access Management
D Single sign-on
E Cloud dashboard

Question 13

Big data includes high volume, high variety, and high velocity.

A False
B True

Question 14

What does it mean if the system or environment is built automatically from a template?

A Nothing.
B It depends on how the automation is configured.
C Changes made in production are overwritten by the next code or template change.
D Changes made in test are overwritten by the next code or template change.
E Changes made in production are untouched by the next code or template change.

Question 15

Which type of application security testing involves manual activity that is not necessarily integrated into automated testing?

A Code Review
B Static Application Security Testing (SAST)
C Unit Testing
D Functional Testing
E Dynamic Application Security Testing (DAST)

Question 16

Which meta-phase does the Cloud Security Alliance use to focus on the security and testing activities when moving code from an isolated development environment to production?

A Secure Networking
B Secure Scaling
C Secure Deployment
D Secure Operations
E Secure Design and Development

Question 17

Even with immutable infrastructures, the production environment, should be actively monitored for changes and deviations from approved baselines.

A False
B True

Question 18

ENISA: Licensing Risks refer to:

A Use of country-issued drivers licenses for user identification
B Cloud provider employees not maintaining operating system license files
C Risk that software company may go out of business, leading to expiration of licenses for mission critical software
D A traditional software licensing scheme may lead to high costs or lack of compliance in cloud systems
E Cloud provider may not have all appropriate government operating licenses

Question 19

Which architecture for hybrid cloud connectivity allows you to connect multiple, different cloud networks to a data center using a single hybrid connection?

A Dataconnect
B Multiconnect
C Transitional
D Bastion
E Hybrid

Question 20

CCM: Which of the following statement about CSA's CCM and Security Guidance is False?

A CSA's CCM provides a set of control objective against which an organization should assess cloud security
B CSA's Security Guidance tells you WHAT to do, the CCM tells you HOW to do it
C CSAs Security Guidance provides a set of best practices and recommendations
D CSA's CCM tells you WHAT to do, the Guidance tells you HOW to do it

Question 21

What are the barriers to developing full confidence in security as a service (SecaaS)?

A Federation bridges, software compatibility, and implementation
B Delegations, bipartisan tenancy, and implementation
C Single tenancy and vendor lock-in
D Provisioning, federation, and compliance
E Compliance, multi-tenancy, and vendor lock-in

Question 22

CCM: A hypothetical company called: Health4Sure is located in the United States and provides cloud based services for tracking patient health. The company is compliant with HIPAA/HITECH Act among other industry standards. Health4Sure decides to assess the overall security of their cloud service against the CCM toolkit so that they will be able to present this document to potential clients.
Which of the following approach would be most suitable to assess the overall security posture of Health4Sure's cloud service?

A The CCM columns are mapped to HIPAA/HITECH Act and therefore Health4Sure could verify the CCM controls already covered ad a result of their compliance with HIPPA/HITECH Act. They could then assess the remaining controls. This approach will save time.
B The CCM domain controls are mapped to HIPAA/HITECH Act and therefore Health4Sure could verify the CCM controls already covered as a result of their compliance with HIPPA/HITECH Act. They could then assess the remaining controls thoroughly. This approach saves time while being able to assess the company's overall security posture in an efficient manner.
C The CCM domains are not mapped to HIPAA/HITECH Act. Therefore Health4Sure should assess the security posture of their cloud service against each and every control in the CCM. This approach will allow a thorough assessment of the security posture.

Question 23

Of the choices below which option allows for the most interoperability in security authentication in a cloud environment?

A XHTML
B SAML
C SCORM
D WEP
E WPA or WPA2

Question 24

The key concern of data backup and recovery schemes is:

A Data aggregation should not cause breaches
B They must prevent data loss, unwanted data overwrite and destruction
C Assurance that cloud provider has multiple data centers for disaster recover
D Assurance that deleted data is in fact unrecoverable
E Data should not be commingled with other customers

Question 25

Which regulation affects data controllers with business in Japan?

A Personal Information Protection and Electronic Documents Act (PIPEDA)
B General Data Protection Regulation (GDPR)
C 1995 Data Protection Directive
D Privacy Act 1988
E Act on the Protection of Personal Information

Page 1 of 9 • Questions 1-25 of 207

1 2 3 4 5

→

Know a question that should be here? Contribute to this exam

All cloud services utilize virtualization technologies.

A False
B True

Which of the following is NOT a cloud computing characteristic that impacts incidence response?

A The on demand self-service nature of cloud computing environments.
B Privacy concerns for co-tenants regarding the collection and analysis of telemetry and artifacts associated with an incident.
C The possibility of data crossing geographic or jurisdictional boundaries.
D Object-based storage in a private cloud.
E The resource pooling practiced by cloud services, in addition to the rapid elasticity offered by cloud infrastructures.

CCSKPreview