Cloud Security Alliance Updated CCSK Exam Questions and Answers by ezra

Compensating controls are implemented when the required controls for a cybersecurity framework cannot be met due to technical or practical limitations. These controls are alternative measures that provide similar protection or risk mitigation. Compensating controls help to ensure that the security posture remains strong even when the primary controls cannot be applied.

Detective controls focus on identifying security incidents after they occur but do not replace required controls. Preventive controls aim to prevent security incidents from occurring but may not always be possible or practical to implement in certain situations. Administrative controls include policies and procedures but do not address the need for compensating measures when technical controls cannot be met.

DNS logs capture information on domain name resolution, while Flow logs capture details about network traffic, including source, destination, and protocol. Reference: [CCSK Study Guide, Domain 7 - Infrastructure & Networking]

The Preparation phase focuses on setting up an incident response team and developing plans to handle incidents efficiently when they occur. Reference: [Security Guidance v5, Domain 11 - Incident Response]