CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. ISACA
  5. CCAK

Free CCAK Exam Braindumps (page: 29)

Page 29 of 78
PDF with 308 Questions

An auditor is performing an audit on behalf of a cloud customer. For assessing security awareness, the auditor should:

  1. assess the existence and adequacy of a security awareness training program at the cloud service provider’s organization as the cloud customer hired the auditor to review and cloud service.
  2. assess the existence and adequacy of a security awareness training program at both the cloud customer’s organization and the cloud service provider’s organization.
  3. assess the existence and adequacy of a security awareness training program at the cloud customer’s organization as they hired the auditor.
  4. not assess the security awareness training program as it is each organization’s responsibility

Answer(s): D



The MOST critical concept of managing the build and test of code in DevOps is:

  1. continuous build.
  2. continuous delivery.
  3. continuous deployment.
  4. continuous integration.

Answer(s): B

Explanation:


Reference:

https://smartbear.com/blog/devops-testing-strategy-best-practices-tools/



The Cloud Computing Compliance Controls Catalogue (C5) framework is maintained by which of the following agencies?

  1. Agence nationale de la sécurité des systèmes d'information (ANSSI)
  2. National Institute of Standards and Technology (NIST)
  3. National Security Agency (NSA)
  4. Bundesamt für Sicherheit in der Informationstechnik (BSI)

Answer(s): D


Reference:

https://docs.microsoft.com/en-us/compliance/regulatory/offering-c5-germany



Which statement about compliance responsibilities and ownership of accountability is correct?

  1. Organizations may be able to transfer their accountability for compliance with various regulatory requirements to their CSPs, but they retain the ownership of responsibility.
  2. Organizations may be able to transfer their responsibility for compliance with various regulatory requirements to their CSPs, but they retain the ownership of accountability.
  3. Organizations may transfer their responsibility and accountability for compliance with various regulatory requirements to their CSPs.
  4. Organizations are not able to transfer their responsibility nor accountability for compliance with various regulatory requirements to their CSPs.

Answer(s): D


Reference:

https://searchcloudsecurity.techtarget.com/tip/Top-cloud-security-challenges-and-how-to-combatthem



Page 29 of 78



Post your Comments and Discuss ISACA CCAK exam with other Community members:

ccak commented on June 08, 2023
ccak is hard
Anonymous
upvote