ExamGecko
Login
Home / Isaca / CCAK / List of questions
Ask Question

Isaca CCAK Practice Test - Questions Answers, Page 13

Add to Whishlist

List of questions

Question 121

Report Export Collapse

Which of the following would be considered as a factor to trust in a cloud service provider?

Become a Premium Member for full access
  Unlock Premium Member

Question 122

Report Export Collapse

Which of the following quantitative measures is KEY for an auditor to review when assessing the implementation of continuous auditing of performance on a cloud system?

Become a Premium Member for full access
  Unlock Premium Member

Question 123

Report Export Collapse

In cloud computing, with whom does the responsibility and accountability for compliance lie?

Become a Premium Member for full access
  Unlock Premium Member

Question 124

Report Export Collapse

A certification target helps in the formation of a continuous certification framework by incorporating:

Become a Premium Member for full access
  Unlock Premium Member

Question 125

Report Export Collapse

Which of the following are the three MAIN phases of the cloud controls matrix (CCM) mapping methodology?

Become a Premium Member for full access
  Unlock Premium Member

Question 126

Report Export Collapse

Which of the following activities are part of the implementation phase of a cloud assurance program during a cloud migration?

Become a Premium Member for full access
  Unlock Premium Member

Question 127

Report Export Collapse

The three layers of Open Certification Framework (OCF) PRIMARILY help cloud service providers and cloud clients improve the level of:

Become a Premium Member for full access
  Unlock Premium Member

Question 128

Report Export Collapse

While using Software as a Service (SaaS) to store secret customer information, an organization identifies a risk of disclosure to unauthorized parties. Although the SaaS service continues to be used, secret customer data is not processed. Which of the following risk treatment methods is being practiced?

Become a Premium Member for full access
  Unlock Premium Member

Question 129

Report Export Collapse

A business unit introducing cloud technologies to the organization without the knowledge or approval of the appropriate governance function is an example of:

Become a Premium Member for full access
  Unlock Premium Member

Question 130

Report Export Collapse

Which industry organization offers both security controls and cloud-relevant benchmarking?

Become a Premium Member for full access
  Unlock Premium Member
Total 195 questions
Go to page: of 20
Open VPLUS File
Convert VPLUS to PDF

Related questions

Policies and procedures shall be established, and supporting business processes and technical measures implemented, for maintenance of several items ensuring continuity and availability of operations and support personnel. Which of the following controls BEST matches this control description?
An organization deploying the Cloud Control Matrix (CCM) to perform a compliance assessment will encompass the use of the "Corporate Governance Relevance" feature to filter out those controls:
With regard to the Cloud Control Matrix (CCM), the 'Architectural Relevance' is a feature that enables the filtering of security controls by:
A certification target helps in the formation of a continuous certification framework by incorporating:
What is below the waterline in the context of cloud operationalization?
To ensure that cloud audit resources deliver the best value to the organization, the PRIMARY step would be to:
Which statement about compliance responsibilities and ownership of accountability is correct?
A Dot Release of Cloud Control Matrix (CCM) indicates what?
When establishing cloud governance, an organization should FIRST test by migrating:
Which of the following would be a logical starting point for an auditor who has been engaged to assess the security of an organization's DevOps pipeline?