Certified Cloud Security Professional Interview Question-Set 2

Question: What are the examples of the cloud infrastructure capability?

Ans – Launching virtual services

Using scalable storage

Question: Which facilitates managing cloud-based delegated administration?


Question: Which security threat encrypts data files?

Ans- Ransomware

Question: Which security standard is related to the protection of cardholder data?


Question: When analysing captured HTTP traffic, which header follows the IP header?

Ans- TCP

Question: What are the benefits of adopting a security-centric approach to develop the applications in the cloud?

Ans- Identify system configuration issues

Early identification and mitigation of security vulnerabilities

Reuse of security strategies and tools

Question: What are the cloud application security issues?

Ans- Attack surface has increased

API calls travel across the Internet and are subject to threats

API calls emanate from multiple device types

Developers create the APIs when building applications

Question: Which network vulnerability is concerned with altering the content of data packets traversing the network and session hijacking?

Ans- Man-in-the-middle attacks

Question: What are characteristics of an SLA?

Ans- Must cover service provision across many jurisdictions

Components of the contractual relationship between CSC and CSP

Uses standardized terminology

Mapped to specific provided cloud services

Question: What are the reasons to warrant the risk management metrics?

Ans- Support objective security analysis

Evaluate information and system security

Ensure security control objectives are fulfilled