Isaca CCAK - Certificate of Cloud Auditing Knowledge
Which of the following standards is designed to be used by organizations for cloud services that intend to select controls within the process of implementing an information security management system based on ISO/IEC 27001?
Which of the following is the PRIMARY component to determine the success or failure of an organization’s cloud compliance program?
When establishing cloud governance, an organization should FIRST test by migrating:
An auditor is assessing a European organization's compliance. Which regulation is suitable if health information needs to be protected?
Which of the following should be an assurance requirement when an organization is migrating to a Software as a Service (SaaS) provider?
Which of the following is a KEY benefit of using the Cloud Controls Matrix (CCM)?
An auditor is reviewing an organization’s virtual machines (VMs) hosted in the cloud. The organization utilizes a configuration management (CM) tool to enforce password policies on its VMs. Which of the following is the BEST approach for the auditor to use to review the operating effectiveness of the password requirement?
Which of the following is the BEST recommendation to offer an organization's HR department planning to adopt a new public Software as a Service (SaaS) application to ease the recruiting process?
Which of the following is MOST important to ensure effective cloud application controls are maintained in an organization?
An auditor identifies that a cloud service provider received multiple customer inquiries and requests for proposal (RFPs) during the last month. Which of the following
What should be the BEST recommendation to reduce the provider’s burden?