CCAK

 View Only
  • 1.  CCAK Study Tips

    Posted Aug 29, 2022 06:09:00 AM
    Hi

    I like to take your feedback on the factual accuracy of below:

    Private cloud prohibits penetration testing.

    I think this is not true. It is the public cloud which prohibits pen test?

    Do you agree?

    I am preparing my self for the CCAK exam



  • 2.  RE: CCAK Study Tips

    CSA Instructor
    Posted Aug 29, 2022 06:55:00 AM
    What would prohibit a pentest or limit its scope has more to do with legislations and the terms of the pentesting contract. You can pentest any environment (private or public cloud, on-prem infrastructure, your own smartphone, etc...), but you have to stick with the terms of the contract.

    ------------------------------
    Guillaume Boutisseau
    CCSK Authorized Instructor , CCAK , CCSP
    ------------------------------



  • 3.  RE: CCAK Study Tips

    CSA Instructor
    Posted Aug 31, 2022 12:55:00 AM
    The sentence is false.
    penetration tests on public cloud - usually require coordination with the provider.
    penetration tests on private cloud  - dependant on the policy of the customer and the provider operating the private cloud. Since each private cloud consumer got their own policy, the sentence is incorrect.

    ------------------------------
    Moshe Ferber
    Chairman
    Csa Israel
    ------------------------------



  • 4.  RE: CCAK Study Tips

    Posted Aug 31, 2022 02:11:00 AM