ExamGecko
Search Search Login
Home Home / Isaca / Cybersecurity Audit
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following is the BEST indication of mature third-party vendor risk management for an organization?
The GREATEST advantage of using a common vulnerability scoring system is that it helps with:
Which of the following BEST characterizes security mechanisms for mobile devices?
Using digital evidence to provide validation that an attack has actually occurred is an example of;
Which of the following is the BEST indication that an organization's vulnerability management process is operating effectively?
Which of the following would provide the BEST basis for allocating proportional protection activities when comprehensive classification is not feasible?
Using a data loss prevention (DLP) solution to monitor data saved to a USB memory device is an example of managing:
The risk of an evil twin attack on mobile devices is PRIMARILY due to:
What is the FIRST activity associated with a successful cyber attack?
Which of the following backup procedure would only copy files that have changed since the last backup was made?

Question 69 - Cybersecurity Audit discussion

Report
Export

An IS auditor has learned that a cloud service provider has not adequately secured its application programming interface (API). Which of the following is MOST important for the auditor to consider in an assessment of the potential risk factors?

A.
Resource contention
Answers
A.
Resource contention
B.
Identity spoofing and phishing
Answers
B.
Identity spoofing and phishing
C.
Confidentiality, integrity, and availability
Answers
C.
Confidentiality, integrity, and availability
D.
Denial of service
Answers
D.
Denial of service
Suggested answer: C

Explanation:

The MOST important thing for an IS auditor to consider in an assessment of the potential risk factors when a cloud service provider has not adequately secured its application programming interface (API) is the impact on theconfidentiality, integrity, and availabilityof the cloud service. An API is a set of rules and protocols that allows communication and interaction between different software components or systems. An API is often used by cloud service providers to enable customers to access and manage their cloud resources and services. However, if an API is not adequately secured, it can expose the cloud service provider and its customers to various threats, such as unauthorized access, data breaches, tampering, denial-of-service attacks, or malicious code injection.

Show Answer
asked 18/09/2024
Renier Janse van Rensburg
42 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms