Isaca CCAK Certificate of Cloud Auditing Knowledge Exam Exam Practice Test Questions

• Question 1

  Prioritizing assurance activities for an organization's cloud services portfolio depends PRIMARILY on an organization's ability to:

  • schedule frequent reviews with high-risk cloud service providers.
    
  • develop plans using a standardized risk-based approach.
    
  • maintain a comprehensive cloud service inventory.
    
  • collate views from various business functions using cloud services.
    

  Show Answer Answer: 1 Next

• Question 2

  Which of the following standards is designed to be used by organizations for cloud services that intend to select controls within the process of implementing an Information Security Management Systembased on ISO/IEC 27001?

  • ISO/IEC 27017:2015
    
  • CSA Cloud Control Matrix (CCM)
    
  • NIST SP 800-146
    
  • ISO/IEC 27002
    

  Show Answer Answer: 4 Next

• Question 3

  Which of the following has the MOST substantial impact on how aggressive or conservative the cloud approach of an organization will be?

  • Internal policies and technical standards
    
  • Risk scoring criteria
    
  • Applicable laws and regulations
    
  • Risk appetite and budget constraints
    

  Show Answer Answer: 3 Next

• Question 4

  Policies and procedures shall be established, and supporting business processes and technical measures implemented, for maintenance of several items ensuring continuity and availability of operations and support personnel. Which of the following controls BEST matches this control description?

  • Operations Maintenance
    
  • System Development Maintenance
    
  • Equipment Maintenance
    
  • System Maintenance
    

  Show Answer Answer: 1 Next

• Question 5

  In an organization, how are policy violations MOST likely to occur?

  • By accident
    
  • Deliberately by the ISP
    
  • Deliberately
    
  • Deliberately by the cloud provider
    

  Show Answer Answer: 1 Next