View Only
  • 1.  CCAK Study Tips

    Posted Aug 29, 2022 06:09:00 AM

    I like to take your feedback on the factual accuracy of below:

    Private cloud prohibits penetration testing.

    I think this is not true. It is the public cloud which prohibits pen test?

    Do you agree?

    I am preparing my self for the CCAK exam

  • 2.  RE: CCAK Study Tips

    CSA Instructor
    Posted Aug 29, 2022 06:55:00 AM
    What would prohibit a pentest or limit its scope has more to do with legislations and the terms of the pentesting contract. You can pentest any environment (private or public cloud, on-prem infrastructure, your own smartphone, etc...), but you have to stick with the terms of the contract.

    Guillaume Boutisseau
    CCSK Authorized Instructor , CCAK , CCSP

  • 3.  RE: CCAK Study Tips

    CSA Instructor
    Posted Aug 31, 2022 12:55:00 AM
    The sentence is false.
    penetration tests on public cloud - usually require coordination with the provider.
    penetration tests on private cloud  - dependant on the policy of the customer and the provider operating the private cloud. Since each private cloud consumer got their own policy, the sentence is incorrect.

    Moshe Ferber
    Csa Israel

  • 4.  RE: CCAK Study Tips

    Posted Aug 31, 2022 02:11:00 AM

  • 5.  RE: CCAK Study Tips

    Posted Nov 28, 2022 06:32:00 AM
    Thanks for feedback

    I like to have your input also in the factual accuracy of the following:

    What is the best approach to performing security integration testing in large code sets environments where the time of competition is critical?  Which option is correct?  I think it is 1

    1.Perform Paralletl tseting
    2. Perform Full Application Stack Testing
    3. Perform Continous Testing

    Thanks in advance