ExamTopics Logo
Mail Us[email protected]
Menu
Csa Discussions
exam questions

Exam CCSK All Questions

View all questions & answers for the CCSK exam
Go to Exam

Exam CCSK topic 1 question 170 discussion

Actual exam question from CSA's CCSK
Question #: 170
Topic #: 1
[All CCSK Questions]

CCM: A hypothetical company called "Security4Sure" provides a cloud based service to share confidential documents. The confidential documents are stored in their servers and are encrypted. How will Security4Sure ensure the protection of client data within their data center?

  • A. Audit plans should not be adopted and supported by the most senior governing elements of the organization (e.g. the board and the management)
  • B. Encrypt the data at rest and put in place appropriate measures for management of encryption keys
  • C. Implement redundant or backup power supplies, redundant data communications connections, environmental controls (e.g., air conditioning, fire suppression) and various security devices
  • D. Use a secure transfer channel (i.e. TLS)
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by byfener at Aug. 10, 2023, 5:52 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
CollabGuy
8 months, 1 week ago
Selected Answer: B
I think although it says that the data is already encrypted, key management is of paramount importance, because if the keys are in the same server, then it's the same as not being encrypted. That is the "Key" - pun intended. Therefore, B is indeed the correct answer: "B. Encrypt the data at rest AND put in place appropriate measures for MANAGEMENT OF ENCRYPTION KEYS" In C: " Implement redundant or backup power supplies" - how does this protect the data? Redundant data communications connections - how does this protect the data?
upvoted 1 times
...
Alcpt
10 months, 3 weeks ago
Selected Answer: C
Answer is data at test'in the data centre" = C. TLS is more for data on flight.
upvoted 1 times
Alcpt
10 months, 3 weeks ago
I mean B!! No damn edit function here
upvoted 1 times
...
...
Viral123
1 year, 2 months ago
Selected Answer: C
C is the correct answer
upvoted 2 times
...
byfener
1 year, 11 months ago
Selected Answer: B
To ensure the protection of client data within their data center, Security4Sure should encrypt the data at rest. Encrypting data at rest helps safeguard sensitive information even if physical access to the servers is obtained. Additionally, Security4Sure should put in place appropriate measures for the management of encryption keys. Proper key management ensures that only authorized individuals have access to the encryption keys, which are crucial for decrypting the data.
upvoted 2 times
Viral123
1 year, 2 months ago
I think you did not read the question correctly, it says data is stored in their servers and are encrypted so B is incorrect C is the correct answer.
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel