New 2021 Guaranteed Success with TrainingDump CCAK Dumps ISACA PDF Questions
Exceptional Practice To Certificate of Cloud Auditing Knowledge Pass the First Time
NEW QUESTION 46
Which statement best describes why it is important to know how data is being accessed?
- A. The devices used to access data have different storage formats.
- B. The devices used to access data may have differentownership characteristics.
- C. The devices used to access data use a variety of operating systems and may have different programs installed on them.
- D. The device may affect data dispersion.
- E. The devices used to access data use a variety of applications or clients and may have different security characteristics.
Answer: E
NEW QUESTION 47
Which of the following is the GREATEST concern associated with migrating computing resources to a cloud virtualized environment?
- A. An increase in inherent vulnerability
- B. An increase in residual risk
- C. An increase in the potential for data leakage
- D. An increase in the number of e-discovery requests
Answer: C
NEW QUESTION 48
CCM: In the CCM tool, ais a measure that modifies risk and includes any process, policy, device, practice or any other actions which modify risk.
- A. Control Specification
- B. Domain
- C. Risk Impact
Answer: A
NEW QUESTION 49
An important consideration when performing a remote vulnerability test of a cloud-based application is to
- A. Obtain provider permission for test
- B. Use application layer testing tools exclusively
- C. Schedule vulnerability test at night
- D. Use network layer testing tools exclusively
- E. Use techniques to evade cloud provider's detection systems
Answer: A
NEW QUESTION 50
Big data includes high volume, high variety, and high velocity.
- A. True
- B. False
Answer: A
NEW QUESTION 51
Sending data to a provider's storage over an API is likely as much morereliable and secure than setting up your own SFTP server on a VM in the same provider
- A. True
- B. False
Answer: A
NEW QUESTION 52
Cloud services exhibit fiveessential characteristics that demonstrate their relation to, and differences from, traditional computing approaches. Which one of the five characteristics is described as: a consumer can unilaterally provision computing capabilities such as server time and network storage as needed.
- A. On-demand self-service
- B. Measured service
- C. Broad network access
- D. Resource pooling
- E. Rapid elasticity
Answer: A
NEW QUESTION 53
An IS department is evaluated monthly on its cost-revenue ratio user satisfaction rate, and computer downtime This is BEST zed as an application of.
- A. control self-assessment (CSA)
- B. value chain analysis
- C. risk framework
- D. balanced scorecard
Answer: D
NEW QUESTION 54
Who is responsible for the security of the physical infrastructure and virtualization platform?
- A. The cloud provider
- B. The responsibility is split equally
- C. The majority is covered by the consumer
- D. Itdepends on the agreement
- E. The cloud consumer
Answer: A
NEW QUESTION 55
REST APIs are the standard for web-based services because they run over HTTPS and work well across diverse environments.
- A. True
- B. False
Answer: A
NEW QUESTION 56
Use elastic servers when possible and move workloads to new instances.
- A. True
- B. False
Answer: A
NEW QUESTION 57
ENISA: "VMhopping" is:
- A. Improper management of VM instances, causing customer VMs to be commingled with other customer systems.
- B. Using a compromised VM to exploit a hypervisor, used to take control of other VMs.
- C. Looping within virtualized routing systems.
- D. Lack of vulnerability management standards.
- E. Instability in VM patch management causing VM routing errors.
Answer: B
NEW QUESTION 58
In which type of environment is it impractical to allow the customer to conduct their own audit, making it important that the data center operators are required to provide auditing for the customers?
- A. Long distance relationships
- B. Single tenantenvironments
- C. Multi-tenant environments
- D. Distributed computing arrangements
- E. Multi-application, single tenant environments
Answer: C
NEW QUESTION 59
Which of the following statements are NOT requirements of governance and enterprise risk management in a cloud environment?
- A. Both B and C.
- B. Negotiate long-term contracts with companies who use well-vetted software application to avoid the transient nature of the cloud environment.
- C. Inspect and account for risksinherited from other members of the cloud supply chain and take active measures to mitigate and contain risks through operational resiliency.
- D. Provide transparency to stakeholders and shareholders demonstrating fiscal solvency and organizational transparency.
- E. Respect the interdependency of the risks inherent in the cloud supply chain and communicate the corporate riskposture and readiness to consumers and dependent parties.
Answer: B
NEW QUESTION 60
What is defined as the process by which an opposing party may obtain private documents for use in litigation?
- A. Custody
- B. Subpoena
- C. Scope
- D. Discovery
- E. Risk Assessment
Answer: D
NEW QUESTION 61
How is encryption managed on multi-tenant storage?
- A. C for data subject to the EU Data Protection Directive; B for all others
- B. Multiple keys per data owner
- C. One key per data owner
- D. The answer could be A, B, or C depending on the provider
- E. Single key for all data owners
Answer: C
NEW QUESTION 62
Which of the following should be an IS auditor's GREATEST concern when reviewing an outsourcing arrangement with a third-party cloud service provider to host personally identifiable data?
- A. The organization's servers are not compatible with the third party's infrastructure
- B. The data is not adequately segregated on the host platform.
- C. Fees are charged based on the volume of data stored by the host.
- D. The outsourcing contract does not contain a right-to-audit clause.
Answer: B
NEW QUESTION 63
......
CCAK EXAM DUMPS WITH GUARANTEED SUCCESS: https://www.trainingdump.com/ISACA/CCAK-practice-exam-dumps.html
Best Quality ISACA CCAK Exam Questions: https://drive.google.com/open?id=1VEQyAVtOK5BlI7H-wkbgjR4dzYUKgPv0