CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. ISACA
  5. CCAK

Free CCAK Exam Braindumps (page: 19)

Page 19 of 78
PDF with 308 Questions

Which plan will guide an organization on how to react to a security incident that might occur on the organization’s systems, or that might be affecting one of their service providers?

  1. Incident Response Plans
  2. Security Incident Plans
  3. Unexpected Event Plans
  4. Emergency Incident Plans

Answer(s): A



Which of the following would be the MOST critical finding of an application security and DevOps audit?

  1. The organization is not using a unified framework to integrate cloud compliance with regulatory requirements.
  2. Application architecture and configurations did not consider security measures.
  3. Outsourced cloud service interruption, breach or loss of data stored at the cloud service provider.
  4. Certifications with global security standards specific to cloud are not reviewed and the impact of noted findings are not assessed.

Answer(s): B



What should be an organization’s control audit schedule of a cloud service provider’s business continuity plan and operational resilience policy?

  1. Annual
  2. Quarterly
  3. Monthly
  4. Semi-annual

Answer(s): A


Reference:

https://www.isaca.org/why-isaca/about-us/newsroom/press-releases/2021/isaca-providesguidance-around-eu-proposed-digital-operational-resilience-act



An organization deploying the Cloud Control Matrix (CCM) to perform a compliance assessment will encompass the use of the ‘Corporate Governance Relevance’ feature to filter out those controls:

  1. relating to policies, processes, laws, regulations, and institutions conditioning the way an organization is managed, directed, or controlled.
  2. that can be either of a management or of a legal nature, therefore requiring an approval from the Change Advisory Board.
  3. that require the prior approval from the Board of Directors to be funded (for either make or buy), implemented, and reported on.
  4. that can be either of an administrative or of a technical nature, therefore requiring an approval from the Change Advisory Board.

Answer(s): A



Page 19 of 78



Post your Comments and Discuss ISACA CCAK exam with other Community members:

ccak commented on June 08, 2023
ccak is hard
Anonymous
upvote