New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

CCAK Exam Questions Tutorials

Page: 9 / 14
Total 182 questions

Certificate of Cloud Auditing Knowledge Questions and Answers

Question 33

The FINAL decision to include a material finding in a cloud audit report should be made by the:

Options:

A.

auditee's senior management.

B.

organization's chief executive officer (CEO).

C.

cloud auditor.

: D. organization's chief information security officer (CISO)

Question 34

An organization employing the Cloud Controls Matrix (CCM) to perform a compliance assessment leverages the Scope Applicability direct mapping to:

Options:

A.

obtain the ISO/IEC 27001 certification from an accredited certification body (CB) following the ISO/IEC 17021-1 standard.

B.

determine whether the organization can be considered fully compliant with the mapped standards because of the implementation of every CCM Control Specification.

C.

understand which controls encompassed by the CCM may already be partially or fully implemented because of the compliance with other standards.

Question 35

The PRIMARY purpose of Open Certification Framework (OCF) for the CSA STAR program is to:

Options:

A.

facilitate an effective relationship between the cloud service provider and cloud client.

B.

enable the cloud service provider to prioritize resources to meet its own requirements.

C.

provide global, accredited, and trusted certification of the cloud service provider.

D.

ensure understanding of true risk and perceived risk by the cloud service users

Question 36

What areas should be reviewed when auditing a public cloud?

Options:

A.

Patching and configuration

B.

Vulnerability management and cyber security reviews

C.

Identity and access management (IAM) and data protection

D.

Source code reviews and hypervisor

Page: 9 / 14
Total 182 questions