CCSK Practice Quiz - Intrinsec

This document discusses the results of a sample quiz on cloud security concepts. It provides 10 multiple choice questions related to cloud service provider responsibilities, incident response processes, security as a service concerns, key data security controls, cloud overlay networks, infrastructure management responsibilities, certification validity periods, container security isolation, how service models impact the incident response lifecycle, and virtual machines as a security control. The participant scored 6 out of 10 questions correctly.

Uploaded by

Anu Saxena

8/23/22, 9:51 PM CCSK Practice Quiz - Intrinsec

CCSK Practice Quiz


Congratulations!
You've completed the quiz. Check below to see your score.

Sample: CCSK Test Prep Program

1. Cloud Service Providers will create separate IR plans for each client.

1. True

2. False

Given the number of clients and economies of scale, it is not realistic to expect a CSP to create an incident response
plan for every client. Page 107 of the guidance does make the following recommendation: "For each cloud service
provider used, the approach to detecting and handling incidents involving the resources hosted at that provider must
be planned and described in the enterprise incident response plan." This would be a customer responsibility, not the
provider's.

2. Incident Response processes must be updated for serverless computing.

1. True

2. False

The statement is True. Page 152 lists this as a recommendation. Incident response processes will require updating as a
result of the use of serverless computing.

3. What is a concern associated with Security as a Service (SECaaS)?

1. Scaling and cost

2. Staffing and Expertise

3. Insulation of Clients

4. Handling of Regulated Data

5. Deployment Flexibility

The concern associated with Security as a Service (SECaaS) is Handling of Regulated Data (pages 141 and 142). All
other answers are benefits associated with SECaaS.

https://intrinsecsecurity.com/quiz/ccsk-public-quiz/ 1/4

4. Which of the following is a key control for protecting and managing data in a cloud? (select the best answer)

1. Access Controls

2. Managing data location/residency

3. Ensuring compliance, including audit artifacts (logs, configurations)

4. Backups and business continuity

5. All of the above

The best answer is Access Controls. Although the other options are data security controls, they are identified as
controls for enforcing information lifecycle management security, not for protecting and managing data in a cloud.
This can be seen on page 120 of the guidance.

5. What is a Cloud Overlay Network?

1. Implemented using VLAN technology

2. The API set that connects the cloud controller to all underlying resource pools

3. The management network that connects instances and attached storage devices

4. Allows a Network Attached Storage (NAS) device to be connected to the storage pool

5. Network virtualization that allows networks to span multiple base networks

The best answer is "Network virtualization that allows networks to span multiple base networks", as found on page 97.
For a slightly deeper discussion not found in the guidance (and therefore not going to be tested): a cloud overlay
network encapsulates, or tunnels, Layer 2 information (e.g. MAC addresses) over Layer 3 (IP) networks. This
encapsulation (e.g. VXLAN) greatly expands what network architects can do with server instances on
different machines spread across one or more physical environments, as it essentially eliminates the confines of
network addressing and network routing. If you are interested, I found a YouTube video that clearly introduces this
topic (Google 'Youtube Introduction to Cloud Overlay Networks by David Mahler').

6. In IaaS, there are generally two macro layers to infrastructure, the raw, physical and logical resources to build
resource pools and the virtual/abstracted infrastructure. Who manages each?

1. Provider defines and manages both

2. Customer defines and manages both

3. Cloud Broker defines and manages both

4. Provider defines and manages resource pool, customer defines and manages virtual infrastructure

5. Customer defines and manages resource pool, provider defines and manages virtual infrastructure

The correct answer is D. According to pages 77 and 78, the provider defines and manages the resource pool, and the
customer defines and manages the virtual infrastructure. A cloud broker would work on a customer's behalf, so that
answer is also incorrect.

7. Attestations and certifications are valid for what duration?

1. 3 Months

2. 6 Months

3. 1 Year

4. For duration of contract

5. There is no period of validity

The correct answer is E. Certifications are point-in-time activities. There is no assurance these will be valid at any
future point. Page 58 includes the following statement: "It's important to remember that attestations and certifications
are point-in-time activities. An attestation is a statement of an 'over a period of time' assessment and may not be valid
at any future point."

8. Containers provide security isolation.

1. True

2. False

This statement is false. Guidance page 98 states: "Containers don't necessarily provide full security isolation, but they
do provide task segregation". Virtual machines typically do provide security isolation. Putting tasks of equivalent
security context on the same set of physical or virtual hosts will provide greater security segregation.

9. What phases of the Incident Response lifecycle are impacted by service models?

1. Preparation.

2. Detection & Analysis.

3. Containment, eradication & recovery.

4. All of the above.

5. B&C

The correct answer is D. All the phases of the Incident Response Lifecycle are impacted to various degrees in all service
models. All relevant phases (starting on page 103 of the guidance) refer to the extent of change associated with the
various models. Specifically, page 103 also has the following quote: "Each of the phases of the lifecycle is affected to
different degrees by a cloud deployment."

10. Virtual Machines on modern hypervisors are considered an effective security control.

1. True

2. False

Page 85 of the guidance states "VMs on modern hypervisors are generally an effective security control".

Your score:

6/10