
[Full-Version] 2022 New TrainingDump CCAK PDF Recently Updated Questions
CCAK Exam with Guarantee Updated 78 Questions
NEW QUESTION 20
CCM: In the CCM tool, a ____ is a measure that modifies risk and includes any process, policy, device, practice or any other actions which modify risk.
- A. Risk Impact
- B. Control Specification
- C. Domain
Answer: B
NEW QUESTION 21
Which layer is the most important for securing because it is considered to be the foundation for secure cloud operations?
- A. Metastructure
- B. Infostructure
- C. Infrastructure
- D. Datastructure
- E. Applistructure
Answer: C
NEW QUESTION 22
A defining set of rules composed of claims and attributes of the entities in a transaction, which is used to determine their level of access to cloud-based resources is called what?
- A. An entitlement matrix
- B. An entry log
- C. A support table
- D. A validation process
- E. An access log
Answer: D
NEW QUESTION 23
In which type of environment is it impractical to allow the customer to conduct their own audit, making it important that the data center operators are required to provide auditing for the customers?
- A. Multi-tenant environments
- B. Multi-application, single tenant environments
- C. Long distance relationships
- D. Single tenant environments
- E. Distributed computing arrangements
Answer: A
NEW QUESTION 24
Which concept is a mapping of an identity, including roles, personas, and attributes, to an authorization?
- A. Federated Identity Management
- B. Authoritative source
- C. Authentication
- D. Access control
- E. Entitlement
Answer: E
NEW QUESTION 25
ENISA: A reason for risk concerns of a cloud provider being acquired is:
- A. Mass layoffs may occur
- B. Provider may change physical location
- C. Resource isolation may fail
- D. Non-binding agreements put at risk
- E. Arbitrary contract termination by acquiring company
Answer: D
NEW QUESTION 26
Which data security control is the LEAST likely to be assigned to an IaaS provider?
- A. Access controls
- B. Encryption solutions
- C. Application logic
- D. Asset management and tracking
- E. Physical destruction
Answer: C
NEW QUESTION 27
CCM: A hypothetical company called "Health4Sure" is located in the United States and provides cloud-based services for tracking patient health. The company is compliant with HIPAA/HITECH Act among other industry standards. Health4Sure decides to assess the overall security of their cloud service against the CCM toolkit so that they will be able to present this document to potential clients.
Which of the following approaches would be most suitable to assess the overall security posture of Health4Sure's cloud service?
- A. The CCM domain controls are mapped to HIPAA/HITECH Act and therefore Health4Sure could verify the CCM controls already covered as a result of their compliance with HIPAA/HITECH Act. They could then assess the remaining controls thoroughly. This approach saves time while being able to assess the company's overall security posture in an efficient manner.
- B. The CCM columns are mapped to HIPAA/HITECH Act and therefore Health4Sure could verify the CCM controls already covered as a result of their compliance with HIPAA/HITECH Act. They could then assess the remaining controls. This approach will save time.
- C. The CCM domains are not mapped to HIPAA/HITECH Act. Therefore Health4Sure should assess the security posture of their cloud service against each and every control in the CCM. This approach will allow a thorough assessment of the security posture.
Answer: C
NEW QUESTION 28
How can virtual machine communications bypass network security controls?
- A. VM images can contain rootkits programmed to bypass firewalls
- B. Most network security systems do not recognize encrypted VM traffic
- C. The guest OS can invoke stealth mode
- D. Hypervisors depend upon multiple network interfaces
- E. VM communications may use a virtual network on the same hardware host
Answer: E
NEW QUESTION 29
What is defined as the process by which an opposing party may obtain private documents for use in litigation?
- A. Scope
- B. Risk Assessment
- C. Custody
- D. Subpoena
- E. Discovery
Answer: E
NEW QUESTION 30
APIs and web services require extensive hardening and must assume attacks from authenticated and unauthenticated adversaries.
- A. False
- B. True
Answer: B
NEW QUESTION 31
Which concept provides the abstraction needed for resource pools?
- A. Metastructure
- B. Hypervisor
- C. Orchestration
- D. Applistructure
- E. Virtualization
Answer: E
NEW QUESTION 32
Which of the following items is NOT an example of Security as a Service (SecaaS)?
- A. Intrusion detection
- B. Provisioning
- C. Authentication
- D. Spam filtering
- E. Web filtering
Answer: B
NEW QUESTION 33
A client/server configuration will:
- A. optimize system performance by having a server on a front-end and clients on a host.
- B. keep track of all the clients using the IS facilities of a service organization.
- C. limit the clients and servers relationship by limiting the IS facilities to a single hardware system.
- D. enhance system performance through the separation of front-end and back-end processes.
Answer: D
NEW QUESTION 34
An internal audit department recently established a quality assurance (QA) program as part of its overall audit program. Which of the following activities is MOST important to include as part of the QA program requirements?
- A. Analyzing user satisfaction reports from business lines
- B. Conducting long-term planning for internal audit staffing
- C. Benchmarking the QA framework to international standards
- D. Reporting QA program results to the audit committee
Answer: A
NEW QUESTION 35
To understand their compliance alignments and gaps with a cloud provider, what must cloud customers rely on?
- A. Provider documentation
- B. Provider run audits and reports
- C. Third-party attestations
- D. EDiscovery tools
- E. Provider and consumer contracts
Answer: C
NEW QUESTION 36
All cloud services utilize virtualization technologies.
- A. False
- B. True
Answer: B
NEW QUESTION 37
Which of the following should be an IS auditor's GREATEST concern when reviewing an outsourcing arrangement with a third-party cloud service provider to host personally identifiable data?
- A. Fees are charged based on the volume of data stored by the host.
- B. The organization's servers are not compatible with the third party's infrastructure
- C. The outsourcing contract does not contain a right-to-audit clause.
- D. The data is not adequately segregated on the host platform.
Answer: D
NEW QUESTION 38
What is the best way to ensure that all data has been removed from a public cloud environment including all media such as back-up tapes?
- A. Maintaining customer managed key management and revoking or deleting keys from the key management system to prevent the data from being accessed again.
- B. Allowing the cloud provider to manage your keys so that they have the ability to access and delete the data from the main and back-up storage.
- C. Keep the keys stored on the client side so that they are secure and so that the users have the ability to delete their own data.
- D. Practice Integration of Duties (IOD) so that everyone is able to delete the encrypted data.
- E. Both B and D.
Answer: A
NEW QUESTION 39
What factors should you understand about the data specifically due to legal, regulatory, and jurisdictional factors?
- A. The actual size of the data and the storage format
- B. The implications of storing complex information on simple storage systems
- C. The physical location of the data and how it is accessed
- D. The language of the data and how it affects the user
- E. The fragmentation and encryption algorithms employed
Answer: B
NEW QUESTION 40
Which communication methods within a cloud environment must be exposed for partners or consumers to access database information using a web application?
- A. Software Development Kits (SDKs)
- B. Application Binary Interface (ABI)
- C. Extensible Markup Language (XML)
- D. Application Programming Interface (API)
- E. Resource Description Framework (RDF)
Answer: D
NEW QUESTION 41
Sending data to a provider's storage over an API is likely much more reliable and secure than setting up your own SFTP server on a VM in the same provider.
- A. False
- B. True
Answer: B
NEW QUESTION 42
What is true of companies considering a cloud computing business relationship?
- A. The confidentiality agreements between companies using cloud computing services are limited legally to the company, not the provider.
- B. The cloud computing companies are absolved of all data security and associated risks through contracts and data laws.
- C. The companies using the cloud providers are the custodians of the data entrusted to them.
- D. The laws protecting customer data are based on the cloud provider and customer location only.
- E. The cloud computing companies own all customer data.
Answer: C
NEW QUESTION 43
CCM: In the CCM tool, "Encryption and Key Management" is an example of which of the following?
- A. Domain
- B. Risk Impact
- C. Control Specification
Answer: A
NEW QUESTION 44
When deploying an application that was created using the programming language and tools supported by the cloud provider, the MOST appropriate cloud computing model for an organization to adopt is:
- A. Identity as a Service (IDaaS).
- B. Infrastructure as a Service (IaaS).
- C. Platform as a Service (PaaS).
- D. Software as a Service (SaaS).
Answer: C
NEW QUESTION 45
......