Isaca CCAK - Certificate of Cloud Auditing Knowledge
Which of the following is the PRIMARY area for an auditor to examine in order to understand the criticality of the cloud services in an organization, along with their dependencies and risks?
Which of the following are independent assessment organizations that verify cloud providers' security implementations and provide the overall risk posture of a cloud environment for a FedRAMP security authorization decision?
The MAIN limitation of relying on traditional cloud compliance assurance approaches such as SOC2 attestations is that:
Which of the following is a cloud-native solution designed to counter threats that do not exist within the enterprise?
The PRIMARY purpose of Open Certification Framework (OCF) for the CSA STAR program is to:
What type of termination occurs at the initiative of one party and without the fault of the other party?
Which of the following is an example of financial business impact?
Which of the following provides the BEST evidence that a cloud service provider's continuous integration and continuous delivery (CI/CD) development pipeline includes checks for compliance as new features are added to its Software as a Service (SaaS) applications?
Which of the following should a cloud auditor recommend regarding controls for application interfaces and databases to prevent manual or systematic processing errors, corruption of data, or misuse?
Which of the following cloud environments should be a concern to an organization s cloud auditor?