New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Isaca CCAK Based on Real Exam Environment

Page: 12 / 13
Question 48

Regarding cloud service provider agreements and contracts, unless otherwise stated, the provider is:

Options:

A.

responsible to the cloud customer and its clients.

B.

responsible only to the cloud customer.

C.

not responsible at all to any external parties.

D.

responsible to the cloud customer and its end users

Question 49

Which of the following standards is designed to be used by organizations for cloud services that intend to select controls within the process of implementing an information security management system based on ISO/IEC 27001?

Options:

A.

ISO/IEC 27002

B.

Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM)

C.

NISTSP 800-146

D.

ISO/IEC 27017:2015

Question 50

Application programming interfaces (APIs) are likely to be attacked continuously by bad actors because they:

Options:

A.

are the asset with private IP addresses.

B.

are generally the most exposed part.

C.

could be poorly designed.

D.

act as a very effective backdoor.

Question 51

A new company has all its operations in the cloud. Which of the following would be the BEST information security control framework to implement?

Options:

A.

NIST 800-73, because it is a control framework implemented by the main cloud providers

B.

ISO/IEC 27018

C.

ISO/IEC 27002

D.

(S) Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM)

Page: 12 / 13
Exam Code: CCAK
Exam Name: Certificate of Cloud Auditing Knowledge
Last Update: Dec 22, 2024
Questions: 182
CCAK pdf

CCAK PDF

$25.5  $84.99
CCAK Engine

CCAK Testing Engine

$28.5  $94.99
CCAK PDF + Engine

CCAK PDF + Testing Engine

$40.5  $134.99