CCSK Leak Questions

Application Consumer

Database Manager

Application Developer

Cloud Provider

Web Application CISO

Submit the CCM on behalf of the CSP to CSA Security, Trust & Assurance Registry (STAR), a free, publicly accessible registry that documents the security controls provided by CSPs

Use CCM to build a detailed list of requirements and controls that they want their CSP to implement

Use CCM to help assess the risk associated with the CSP

None of the above

The metrics defining the service level required to achieve regulatory objectives.

The duration of time that a security violation can occur before the client begins assessing regulatory fines.

The cost per incident for security breaches of regulated information.

The regulations that are pertinent to the contract and how to circumvent them.

The type of security software which meets regulations and the number of licenses that will be needed.

The development of a routine that covers all necessary security measures.

The diligent habits of good security practices and recording of the same.

The timely and efficient filing of security reports.

The awareness and adherence to obligations, including the assessment and prioritization of corrective actions deemed necessary and appropriate.

The process of completing all forms and paperwork necessary to develop a defensible paper trail.