CCSK Practice Tests
Ben Malisow
Technical Editor: Mohamad Malaki
Copyright 2021 Ben Malisow
All rights reserved.
No part of this work may be reproduced or distributed in any form, except under written permission of the author.
Cover art: Rachel Ribando-Gros
Technical editor: Mohamed Malki
Typeset and formatting: Robin Cabe
Includes bibliographical references for educational/training purposes.
This book was made using no recyclable material whatsoever, and as much waste as possible was created in order to produce it.
This book is fondly dedicated to my Norwegian friends, especially Roger Ison-Haug, for their interest in all things INFOSEC, cloud, and particularly the CCSK certification.
Introduction
How to use this book
This book is intended to help you pass the CCSK (Certificate of Cloud Security Knowledge) examination from the Cloud Security Alliance (CSA). There are 16 chapters, one for each of the 16 topic areas of the exam, and approximately 300 questions in total. The number of questions in each chapter roughly corresponds to the proportional weight of that topic on the exam.
For example: there are 60 questions on the actual exam; three of those come from the ENISA Cloud Computing Benefits, Risks, and Recommendations document, so there are 15 practice questions in Chapter 16 of this book related to the ENISA document. There is only one question on the actual exam related to Domain 14 of the CSA Cloud Security Guidance v4, so there are five practice questions in Chapter 14 of this book related to that Domain.
The weights of the questions related to each topic area are listed in a document called Certificate of Cloud Security Knowledge Guide, which is one of the documents included in the CCSK Prep Kit v4, available for free from the CSA website: https://cloudsecurityalliance.org/education/ccsk/study-guide/
It is absolutely imperative to download the Prep Kit; it also includes the source documents for the questions on the exam:
- CSA Cloud Security Guidance v4
- CSA Cloud Controls Matrix (CCM)
- ENISA Cloud Computing: Benefits, Risks, and Recommendations for Information Security
How to take the exam
You will take the test online, through a link provided by CSA after you have registered and paid for the exam. Please use the following advice prior to using your exam link, and while taking the test.
Ctrl-F is your friend. This is an open-book test, which means you are allowed to use any reference material you'd like while you're taking the test. I highly, highly, highly recommend keeping the Cloud Security Alliance (CSA) Security Guidance v4, CCM, CAIQ, and ENISA document open in other windows while you're taking the exam. The CCSK exam, unlike other certification tests I've seen (or taken), is wildly specific. There are questions that drill down on particular words/terms used in the source material (particularly the Cloud Security Alliance (CSA) Security Guidance v4) and, sometimes, words and terms I've only encountered in that document, and not used in common practice.
Know the NIST/ISO cloud definitions. In order to better understand the shared responsibilities model, and to distinguish between IaaS, PaaS, and SaaS, I highly recommend looking at the Pizza-as-a-Service model. (While finding the definitive original source of this concept might not be possible, most attribution I've seen gives credit to Albert Barron, so that's the link I'm going to offer: https://www.linkedin.com/pulse/20140730172610-9679881-pizza-as-a-service/ ).
Keep an eye on the time. The clock starts once you begin the test. If your computer/browser/connection crashes, the clock keeps ticking. Don't get too anxious, but be aware of how much time has elapsed and how much you have left. Don't concentrate so much on a single question that you burn more time than necessary. You can come back to any question that was giving you trouble later, after you've completed the other questions.
The test is dissimilar from other certification exams. Most other multiple-choice exams in our industry have only one correct selection, and usually only four options are presented for each question. Example:
Question: What is the answer to this question? A, B, C, or D
Answer: D
The CCSK test includes many questions that have more than four answer options, and many questions require that you choose more than one response (or give you the choice to select more than one). Example:
Question: What is the answer to this question? Choose all that apply; A, B, C, D, E, F, G, H
Answer: B and G
This can be extremely challenging and confusing. I've tried to replicate this effect in some of the practice questions. Another difficult type of question (also atypical for this kind of certification) requires you to put the answers in the correct order. Example:
Question: Put these letters in the correct order; B, D, A, G, H, E, C, F
Answer: A, B, C, D, E, F, G, H
Personally, I found these extremely tough. I do not know how the questions with multiple possible responses are scored (that is, whether you get partial credit for choosing one correct selection but one wrong selection), but the test did state that these questions are worth more points than questions with a single answer. I suggest treating these with special care when you see them on the exam.
Make sure you've got the right browser. The test portal may behave differently depending on which browser you use, whether you're using ad-blockers, and which OS you're using. You will be allowed to test the operation of the exam before starting; please do this.
Set up well. Make sure your testing area (the room you'll be sitting in while you take the test) will be quiet and free of interruptions while you're taking the exam. Make sure your Internet connection is stable. Make sure your power supply is sufficient. You may want to have more than one monitor, so you can switch between the source documents and the exam window.
Don't panic. The time allowed for the exam should be enough to answer every question correctly. Also, if you fail on your first attempt, your registration allows you to retake the exam a second time without paying more.
Good luck. Please feel free to contact me if you have any questions or concerns about this book or the exam: .
Domain 1
Cloud Computing Concepts and Architectures
Cloud Security Alliance (CSA) Security Guidance v4
1. Alice runs a small software development company, and wants to use a cloud environment to install, test, and modify applications across a number of operating systems (OSs). Which cloud service model is probably best for her purposes?
A. IaaS
B. PaaS
C. SaaS
D. Grimbo
2. You are the security officer for a small business that stores medical records for wealthy celebrities; your clients pay premium prices for the highest possible security. Your company is considering moving from a traditional, on-premises data center to the cloud. Senior management has asked for your recommendation on which cloud deployment model to use. You recommend:
A. public cloud
B. private cloud
C. community cloud
D. hybrid cloud
3. In an IaaS model, which party is responsible for ensuring that the operating system (OS) on the guest virtual machine (VM) is configured, maintained, and patched properly?
A. cloud provider
B. regulator
C. auditor
D. cloud customer
4. Which of the following terms is not used to describe cloud computing, in either the ISO or NIST definitions?