Free CCSK Exam Dumps

Question 16

How should an SDLC be modified to address application security in a Cloud Computing environment?

A. Integrated development environments
B. Updated threat and trust models
C. No modification is needed
D. Just-in-time compilers
E. Both B and C

Correct Answer:A

Question 17

CCM: A hypothetical company called: “Health4Sure” is located in the United States and provides cloud based services for tracking patient health. The company is compliant with HIPAA/HITECH Act among other industry standards. Health4Sure decides to assess the overall security of their cloud service against the CCM toolkit so that they will be able to present this document to potential clients.
Which of the following approach would be most suitable to assess the overall security posture of Health4Sure’s cloud service?

A. The CCM columns are mapped to HIPAA/HITECH Act and therefore Health4Sure could verify the CCM controls already covered ad a result of their compliance with HIPPA/HITECH Ac
B. They could then assess the remaining control
C. This approach will save time.
D. The CCM domain controls are mapped to HIPAA/HITECH Act and therefore Health4Sure could verify the CCM controls already covered as a result of their compliance with HIPPA/HITECH Ac
E. They could then assess the remaining controls thoroughl
F. This approach saves time while being able to assess the company’s overall security posture in an efficient manner.
G. The CCM domains are not mapped to HIPAA/HITECH Ac
H. Therefore Health4Sure should assess the security posture of their cloud service against each and every control in the CC
I. This approach will allow a thorough assessment of the security posture.

Correct Answer:C

Question 18

Without virtualization, there is no cloud.

A. False
B. True

Correct Answer:B

Question 19

What can be implemented to help with account granularity and limit blast radius with laaS an PaaS?

A. Configuring secondary authentication
B. Establishing multiple accounts
C. Maintaining tight control of the primary account holder credentials
D. Implementing least privilege accounts
E. Configuring role-based authentication

Correct Answer:B

Question 20

Your SLA with your cloud provider ensures continuity for all services.

A. False
B. True

Correct Answer:A