An organization wants to detect its hidden cloud infrastructure by auditing its cloud environment and resources such that it shuts down unused/unwanted workloads, saves money, minimizes security risks, and optimizes its cloud inventory.
In this scenario, which standard is applicable for cloud security auditing that enables the management of customer data?
A . Cloud Security Alliance
B . ISO 27001 & 27002
C . SOC2
D . NIST SP800-53 rev 4
Answer: B
Explanation:
ISO 27001 & 27002 standards are applicable for cloud security auditing that enables the management of customer data. These standards provide a framework for information security management practices and controls within the context of the organization’s information risk management processes.
Latest 312-40 Dumps Valid Version with 125 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund