ExamGecko
Login
Home / Isaca / CCAK / List of questions
Ask Question

Isaca CCAK Practice Test - Questions Answers, Page 12

Add to Whishlist

List of questions

Question 111

Report Export Collapse

What is the advantage of using dynamic application security testing (DAST) over static application security testing (SAST) methodology?

Become a Premium Member for full access
  Unlock Premium Member

Question 112

Report Export Collapse

Which of the following is a cloud-specific security standard?

Become a Premium Member for full access
  Unlock Premium Member

Question 113

Report Export Collapse

Cloud Control Matrix (CCM) controls can be used by cloud customers to:

Become a Premium Member for full access
  Unlock Premium Member

Question 114

Report Export Collapse

Account design in the cloud should be driven by:

Become a Premium Member for full access
  Unlock Premium Member

Question 115

Report Export Collapse

In the context of Infrastructure as a Service (IaaS), a vulnerability assessment will scan virtual machines to identify vulnerabilities in:

Become a Premium Member for full access
  Unlock Premium Member

Question 116

Report Export Collapse

When using a SaaS solution, who is responsible for application security?

Become a Premium Member for full access
  Unlock Premium Member

Question 117

Report Export Collapse

The PRIMARY objective for an auditor to understand the organization's context for a cloud audit is to:

Become a Premium Member for full access
  Unlock Premium Member

Question 118

Report Export Collapse

A cloud service provider does not allow audits using automated tools as these tools could be considered destructive techniques for the cloud environment. Which of the following aspects of the audit will be constrained?

Become a Premium Member for full access
  Unlock Premium Member

Question 119

Report Export Collapse

When establishing cloud governance, an organization should FIRST test by migrating:

Become a Premium Member for full access
  Unlock Premium Member

Question 120

Report Export Collapse

When building a cloud governance model, which of the following requirements will focus more on the cloud service provider's evaluation and control checklist?

Become a Premium Member for full access
  Unlock Premium Member
Total 195 questions
Go to page: of 20
Open VPLUS File
Convert VPLUS to PDF

Related questions

Policies and procedures shall be established, and supporting business processes and technical measures implemented, for maintenance of several items ensuring continuity and availability of operations and support personnel. Which of the following controls BEST matches this control description?
An organization deploying the Cloud Control Matrix (CCM) to perform a compliance assessment will encompass the use of the "Corporate Governance Relevance" feature to filter out those controls:
With regard to the Cloud Control Matrix (CCM), the 'Architectural Relevance' is a feature that enables the filtering of security controls by:
A certification target helps in the formation of a continuous certification framework by incorporating:
What is below the waterline in the context of cloud operationalization?
To ensure that cloud audit resources deliver the best value to the organization, the PRIMARY step would be to:
Which statement about compliance responsibilities and ownership of accountability is correct?
A Dot Release of Cloud Control Matrix (CCM) indicates what?
When establishing cloud governance, an organization should FIRST test by migrating:
Which of the following would be a logical starting point for an auditor who has been engaged to assess the security of an organization's DevOps pipeline?