New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

CCAK Leak Questions

Page: 12 / 14
Total 182 questions

Certificate of Cloud Auditing Knowledge Questions and Answers

Question 45

After finding a vulnerability in an Internet-facing server of an organization, a cybersecurity criminal is able to access an encrypted file system and successfully manages to overwrite parts of some files with random data. In reference to the Top Threats Analysis methodology, how would the technical impact of this incident be categorized?

Options:

A.

As an availability breach

B.

As a control breach

C.

As a confidentiality breach

D.

As an integrity breach

Question 46

Which of the following enables auditors to conduct gap analyses of what a cloud service provider offers versus what the customer requires?

Options:

A.

Using a standardized control framework

B.

The experience gained over the years

C.

Understanding the customer risk profile

D.

The as-is and to-be enterprise architecture (EA

Question 47

Which of the following is an example of integrity technical impact?

Options:

A.

The cloud provider reports a breach of customer personal data from an unsecured server.

B.

distributed denial of service (DDoS) attack renders the customer's cloud inaccessible for 24 hours.

C.

An administrator inadvertently clicked on phish bait, exposing the company to a ransomware attack.

D.

A hacker using a stolen administrator identity alters the discount percentage in the product database.

Question 48

Which of the following is the BEST tool to perform cloud security control audits?

Options:

A.

Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM)

B.

General Data Protection Regulation (GDPR)

C.

Federal Information Processing Standard (FIPS) 140-2

D.

ISO 27001

Page: 12 / 14
Total 182 questions