CSA CCSKv5 - Certificate of Cloud Security Knowledge v5 Exam
Total 159 questions
Question #1 (Topic: Exam A)
Which practice best helps mitigate security risks by minimizing root/core access and restricting deployment creation?
A. Enforcing the principle of ‘trust and eventually verify on demand’
B. Disabling multi-factor authentication for staff and focusing on decision makers’ accounts
C. Deploying applications with full access and applying restrictions based on the need to object
D. Enforcing the principle of least privilege
Answer: D
Question #2 (Topic: Exam A)
What is one primary operational challenge associated with using cloud-agnostic container strategies?
A. Limiting deployment to a single cloud service
B. Establishing identity and access management protocols
C. Reducing the amount of cloud storage used
D. Management plane compatibility and consistent controls
Answer: D
Question #3 (Topic: Exam A)
How can the use of third-party libraries introduce supply chain risks in software development?
A. They are usually open source and do not require vetting
B. They might contain vulnerabilities that can be exploited
C. They fail to integrate properly with existing continuous integration pipelines
D. They might increase the overall complexity of the codebase
Answer: B
Question #4 (Topic: Exam A)
Which aspect is most important for effective cloud governance?
A. Establishing a governance hierarchy
B. Implementing best-practice cloud security control objectives
C. Formalizing cloud security policies
D. Negotiating SLAs with cloud providers
Answer: B
Question #5 (Topic: Exam A)
What are the essential characteristics of cloud computing as defined by the NIST model?
A. Resource sharing, automated recovery, universal connectivity, distributed costs, fair pricing
B. High availability, geographical distribution, scaled tenancy, continuous resourcing, market pricing
C. On-demand self-service, broad network access, resource pooling, rapid elasticity, measured service
D. Equal access to dedicated hosting, isolated networks, scalability resources, and automated continuous provisioning
Answer: C