Free CCAK Exam Braindumps (page: 21)

Page 21 of 78

The BEST method to report continuous assessment of a cloud provider’s services to the CSA is through:

  1. a set of dedicated application programming interfaces (APIs).
  2. SOC 2 Type 2 attestation.
  3. CCM assessment by a third-party auditor on a periodic basis.
  4. tools selected by the third-party auditor.

Answer(s): C


Reference:

https://cloudsecurityalliance.org/press-releases/2019/03/04/csa-launches-star-continuouscompliance-assessment-program-for-cloud-service-providers/



With regard to the Cloud Control Matrix (CCM), the ?Architectural Relevance? is a feature that enables the filtering of security controls by:

  1. relevant architecture frameworks such as the NIST Enterprise Architecture Model, the Federal Enterprise Architecture Framework (FEAF), The Open Group Architecture Framework (TOGAF), and the Zachman Framework for Enterprise Architecture.
  2. relevant delivery models such as Software as a Service, Platform as a Service, Infrastructure as a Service.
  3. relevant architectural paradigms such as Client-Server, Mainframe, Peer-to-Peer, and SmartClient- Backend
  4. relevant architectural components such as Physical, Network, Compute, Storage, Application, and Data

Answer(s): D


Reference:

https://downloads.cloudsecurityalliance.org/initiatives/ccm/CSA_CCM_v3.0.xlsx



To support customer’s verification of the CSP claims regarding their responsibilities according to the shared responsibility model, which of the following tools and techniques is appropriate?

  1. Contractual agreement
  2. Internal audit
  3. External audit
  4. Security assessment

Answer(s): D



Which of the following has the MOST substantial impact on how aggressive or conservative the cloud approach of an organization will be?

  1. Internal policies and technical standards
  2. Risk scoring criteria
  3. Applicable laws and regulations
  4. Risk appetite and budget constraints

Answer(s): C



Page 21 of 78



Post your Comments and Discuss ISACA CCAK exam with other Community members:

ccak commented on June 08, 2023
ccak is hard
Anonymous
upvote