Home / Isaca / CCAK

Question list

List of questions

Question 1

(0)

Which of the following BEST ensures adequate restriction on the number of people who can access the pipeline production environment?

Question 2

(0)

Which of the following metrics are frequently immature?

Question 3

(0)

Which of the following should be the FIRST step to establish a cloud assurance program during a cloud migration?

Question 4

(0)

From the perspective of a senior cloud security audit practitioner in an organization of a mature security program with cloud adoption, which of the following statements BEST describes the DevSecOps

Question 5

(0)

The Open Certification Framework is structured on three levels of trust. Those three levels of trust are:

Question 6

(0)

Due to cloud audit team resource constraints, an audit plan as initially approved cannot be completed. Assuming that the situation is communicated in the cloud audit report, which course of action i

Question 7

(0)

Which of the following is a corrective control that may be identified in a SaaS service provider?

Question 8

(0)

The criteria for limiting services allowing non-critical services or services requiring high availability and resilience to be moved to the cloud is an important consideration to be included PRIMARI

Question 9

(0)

When applying the Top Threats Analysis methodology following an incident, what is the scope of the technical impact identification step?

Question 10

(0)

An organization deploying the Cloud Control Matrix (CCM) to perform a compliance assessment will encompass the use of the "Corporate Governance Relevance" feature to filter out those controls:

Question 135 - CCAK discussion

Which of the following is a detective control that may be identified in a Software as a Service (SaaS) service provider?

Data encryption

Incident management

Network segmentation

Privileged access monitoring

Suggested answer: D

Explanation:

A detective control is a type of internal control that seeks to uncover problems in a company's processes once they have occurred1.Examples of detective controls include physical inventory checks, reviews of account reports and reconciliations, as well as assessments of current controls1.Detective controls use platform telemetry to detect misconfigurations, vulnerabilities, and potentially malicious activity in the cloud environment2.

In a Software as a Service (SaaS) service provider, privileged access monitoring is a detective control that can help identify unauthorized or suspicious activities by users who have elevated permissions to access or modify cloud resources, data, or configurations.Privileged access monitoring can involve logging, auditing, alerting, and reporting on the actions performed by privileged users3. This can help detect security incidents, compliance violations, or operational errors in a timely manner and enable appropriate responses.

Data encryption, incident management, and network segmentation are examples of preventive controls, which are designed to prevent problems from occurring in the first place.Data encryption protects the confidentiality and integrity of data by transforming it into an unreadable format that can only be decrypted with a valid key1.Incident management is a process that aims to restore normal service operations as quickly as possible after a disruption or an adverse event4.Network segmentation divides a network into smaller subnetworks that have different access levels and security policies, reducing the attack surface and limiting the impact of a breach1.

Detective controls - SaaS Lens - docs.aws.amazon.com3, section on Privileged access monitoring

Detective controls | Cloud Architecture Center | Google Cloud2, section on Detective controls

Internal control: how do preventive and detective controls work?4, section on SaaS Solutions to Support Internal Control

Detective Control: Definition, Examples, Vs.Preventive Control1, section on What Is a Detective Control?

Show Answer

asked 17/11/2024

Daniel Yontz

44 questions

Your answer: A B C D

0 comments

Sorted by