- All Exams Instant Download
Which of the following would be considered as a factor to trust in a cloud service provider?
Which of the following would be considered as a factor to trust in a cloud service provider?A . The level of exposure for public informationB . The level of proved technical skillsC . The level of willingness to cooperateD . The level of open source evidence availableView AnswerAnswer: C
jurisdictions?
Which of the following is the risk associated with storing data in a cloud that crosses jurisdictions?A . Compliance riskB . Provider administration riskC . Audit riskD . Virtualization riskView AnswerAnswer: A Explanation: Reference: http://webcache.googleusercontent.com/search?q=cache:9OK2cQSAR3oJ:www.aph.gov.au/DocumentStore.ashx%3Fid%3D88403640-14b5-4c3e-8dd7-315bb5067ba4+&cd=1&hl=en&ct=clnk&gl=pk
Which of the following is an example of integrity technical impact?
Which of the following is an example of integrity technical impact?A . The cloud provider reports a breach of customer personal data from an unsecured server.B . A hacker using a stolen administrator identity alerts the discount percentage in the product database.C . A DDoS attack renders the customer’s cloud...
Which of the following is an example of financial business impact?
Which of the following is an example of financial business impact?A . A hacker using a stolen administrator identity brings down the SaaS sales and marketing systems, resulting in the inability to process customer orders or manage customer relationships.B . While the breach was reported in a timely manner to...
To ensure that cloud audit resources deliver the best value to the organization, the PRIMARY step would be to:
To ensure that cloud audit resources deliver the best value to the organization, the PRIMARY step would be to:A . develop a cloud audit plan on the basis of a detailed risk assessment.B . schedule the audits and monitor the time spent on each audit.C . train the cloud audit...
Cloud Control Matrix (CCM) controls can be used by cloud customers to:
Cloud Control Matrix (CCM) controls can be used by cloud customers to:A . develop new security baselines for the industry.B . define different control frameworks for different cloud service providers.C . facilitate communication with their legal department.D . build an operational cloud risk management program.View AnswerAnswer: B Explanation: Reference: https://cloudsecurityalliance.org/blog/2020/10/16/what-is-the-cloud-controls-matrix-ccm/
How should controls be designed by an organization?
How should controls be designed by an organization?A . By the internal audit teamB . Using the ISO27001 frameworkC . By the cloud providerD . Using the organization’s risk management frameworkView AnswerAnswer: A Explanation: Reference: https://www.isaca.org/resources/news-and-trends/isaca-now-blog/2016/internal-control-key-to-delivering-stakeholder-value
When a client’s business process ch be updated.
When a client’s business process ch be updated. B. not be reviewed, but the cloud contract should be cancelled immediately. C. not be reviewed as the SLA cannot be updated. D. be reviewed and updated if required.View AnswerAnswer: D Explanation: Reference: http://www.diva-portal.org/smash/get/diva2:1312384/FULLTEXT01.pdf
Which of the following is a fundamental concept of FedRAMP that intends to save costs, time, and staff conducting superfluous agency security assessments?
Which of the following is a fundamental concept of FedRAMP that intends to save costs, time, and staff conducting superfluous agency security assessments? A. Use often, provide many times B. Be economical, act deliberately C. Use existing, provide many times D. Do once, use many timesView AnswerAnswer: D Explanation: Reference:...
