Request More Information

Email:  WhatsApp:

callicon +14129537506
whatsAppIcon +91-984-072-2417 (Chat Only)
emailIcon info@koenig-solutions.com
koenig-logo
Login
whatsAppIcon +91-984-072-2417 (Chat Only)
phoneIcon +14129537506
koenig-logo

Certificate of Cloud Security Knowledge Foundation (CCSKv5) Quiz Questions and Answers

Answer :
  • SCIM

Explanation :

The correct answer is SCIM. According to CSA guidance 4.0 (page 133), System for Cross-domain Identity Management (SCIM) is a standard for provisioning and deprovisioning accounts in external systems and for exchanging attribute information. SAML also allows for secure exchange of attribute information, but the best answer is SCIM as question literally takes from the guidance word-for-word. WAP is a wireless protocol and oAuth is limited to authorization. Service Provisioning Markup Language is no longer referenced in the 4.0 version of the guidance
Answer :
  • The Data Controller

Explanation :

The correct answer is the Data Controller. Page 36 of the guidance states the Data Controller has the primary relationship with an individual. Of note, the guidance uses both data controller and data custodian depending on the applicable jurisdiction. These terms can be used interchangeably. Americans call the role that collects information from individuals (data subjects) as the data custodian whereas Europeans call this role the data controller.
Answer :
  • Physical network inspection will create a bottleneck

Explanation :

The correct answer is C. Bridging traffic from a virtual network to a physical network will cause bottlenecks (Pg. 95). Note, although this cannot be done in a public cloud network, there is no reference to public or private (and the bottleneck remains true).
Answer :
  • Detective

Explanation :

Logging is a detective control. This is not found in the guidance, rather it is a question based on security knowledge. Detection is a critical component of security and should be enabled when feasible.
Answer :
  • Perimeter Security

Explanation :

The correct answer is Perimeter Security (page 71). Although all other options may be valid, perimeter security is listed as the most applicable to protect the components such as web and API servers.
Answer :
  • Isolated Environments

Explanation :

The correct answer is Isolated Environments. Page 109 of the guidance lists this as an opportunity of cloud for application security. All other entries are listed as challenges.