Are you ready for another practice quiz for the next domain in our prep for the CCSK exam? Here it is! This one is a big area for us in the exam! It is all about Application Security, and of course, how the cloud makes many changes for us in this area.
CCSK Application Security
Question 1
Which of the following is not considered a challenge with cloud and application security?
A. DevOps
B. Limited detailed visibility
C. Increased application scope
D. Changing threat models
E. Reduced transparency
Question 2
Which is not a major area of application security?
A. SSDLC
B. Design and architecture
C. DevOps
D. SOA
E. CI/CD
Question 3
Which of the following "meta-phases" of software security would include technology like a WAF?
A. Secure Design and Development
B. Secure Deployment
C. Secure Operations
D. Secure Retirement
Question 4
In which phase of the secure design and development process for applications would you most likely engage in code review?
A. Training
B. Define
C. Design
D. Develop
E. Test
Question 5
Security can be enhanced for application design and architecture because the infrastructure can be made immutable. What does this mean?
A. The infrastructure calls upon serverless compute
B. The infrastructure is built using many microservices
C. The infrastructure is completed from a template and changes can be precisely controlled
D. The infrastructure features enhanced segregation
Question 6
Fuzzing might be employed as a testing technique during what type of application development approach?
A. SOAP
B. SOA
C. SAST
D. DAST
Incident response (IR) is the well-coordinated effort to rapidly respond to security incidents in the most efficient, cost-effective manner. The goal of incident response is to:
Quickly identify an attack
Minimize its effects
Contain the damage
Identify and remediate the root cause of the incident
Reduce the risk of future incidents
Here is a quiz to challenge you!
CCSK Incident Response
Question 1
According to the NIST, which is not a phase of major activities in the Incident Response Lifecycle?
A. Operations
B. Detection and Analysis
C. Containment, Eradication, and Recovery
D. Preparation
Question 2
According to the NIST, when might you assign an Incident Manager to coordinate further actions?
A. Preparation
B. Detection and Analysis
C. Containment, Eradication, and Recovery
D. Post-Mortem
Question 3
What is a "Cloud Jump Kit"?
A. The tools needed to investigate in a remote location
B. A written policy for a Public cloud vendor shift
C. A blueprint that seeks to avoid vendor lock-in
D. A compliance catalog for a public cloud vendor
Question 4
According to the NIST, when might you need to snapshot the storage of the virtual machine?
A. During preparation
B. During detection and analysis
C. During post-mortem
D. During eradication
Question 5
According to the NIST, when might it be clear that you need to attempt to re-negotiate an SLA?
A. During containment
B. During detection
C. During post-mortem
D. During preparation