ExamGecko
Search Search Login
Home Home / Isaca / Cybersecurity Audit
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following is the BEST indication of mature third-party vendor risk management for an organization?
Using digital evidence to provide validation that an attack has actually occurred is an example of;
Which of the following is the BEST indication that an organization's vulnerability management process is operating effectively?
The GREATEST advantage of using a common vulnerability scoring system is that it helps with:
Which of the following would provide the BEST basis for allocating proportional protection activities when comprehensive classification is not feasible?
Which of the following BEST characterizes security mechanisms for mobile devices?
Using a data loss prevention (DLP) solution to monitor data saved to a USB memory device is an example of managing:
The risk of an evil twin attack on mobile devices is PRIMARILY due to:
What is the FIRST activity associated with a successful cyber attack?
Which of the following backup procedure would only copy files that have changed since the last backup was made?

Question 62 - Cybersecurity Audit discussion

Report
Export

Which of the following is the GREATEST drawback when using the AICPA/CICA Trust Sen/ices to evaluate a cloud service provider?

A.
Incompatibility with cloud service business model
Answers
A.
Incompatibility with cloud service business model
B.
Lack of specificity m the principles
Answers
B.
Lack of specificity m the principles
C.
Omission of confidentiality in the criteria
Answers
C.
Omission of confidentiality in the criteria
D.
Inability to issue SOC 2 or SOC 3 reports
Answers
D.
Inability to issue SOC 2 or SOC 3 reports
Suggested answer: B

Explanation:

The GREATEST drawback when using the AICPA/CICA Trust Services to evaluate a cloud service provider is the lack of specificity in the principles. This is because the AICPA/CICA Trust Services are a set of principles and criteria that provide guidance for evaluating and reporting on controls over information systems and services. However, the principles and criteria are very broad and generic, and do not address the specific risks and challenges that are associated with cloud services, such as data sovereignty, multi-tenancy, portability, etc. The other options are not drawbacks when using the AICPA/CICA Trust Services to evaluate a cloud service provider, but rather different aspects or benefits of using the AICPA/CICA Trust Services to evaluate a cloud service provider, such as compatibility (A), confidentiality C, or reporting (D).

Show Answer
asked 18/09/2024
Willem Alves
28 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms