Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. ISACA
  5. CCAK

ISACA CCAK Exam Questions
Certificate of Cloud Auditing Knowledge (Page 3 )

Updated On: 2-Mar-2026
Page 3 of 63
PDF with 334 Questions

Network environments and virtual instances shall be designed and configured to restrict and monitor traffic between trusted and untrusted connections. These configurations shall be reviewed at least annually, and supported by a documented justification for use for all allowed services, protocols, ports, and by compensating controls. Which of the following controls BEST matches this control description?

  1. Network Security
  2. Change Detection
  3. Virtual Instance and OS Hardening
  4. Network Vulnerability Management

Answer(s): A

Explanation:


Reference:

https://csf.tools/reference/cloud-controls-matrix/version-3-0-1/ivs/



After finding a vulnerability in an internet-facing server of an organization, a cybersecurity criminal is able to access an encrypted file system and successfully manages to overwrite part of some files with random data. In reference to the Top Threats Analysis methodology, how would you categorize the technical impact of this incident?

  1. As an integrity breach
  2. As control breach
  3. As an availability breach
  4. As a confidentiality breach

Answer(s): B



Organizations maintain mappings between the different control frameworks they adopt to:

  1. help identify controls with common assessment status.
  2. avoid duplication of work when assessing compliance.
  3. help identify controls with different assessment status.
  4. start a compliance assessment using latest assessment.

Answer(s): C


Reference:

https://www.isaca.org/resources/news-and-trends/industry-news/2019/employing-cobit-2019-forenterprise-governance-strategy



SAST testing is performed by:

  1. scanning the application source code.
  2. scanning the application interface.
  3. scanning all infrastructure components.
  4. performing manual actions to gain control of the application.

Answer(s): A

Explanation:

SAST analyzes application code offline. SAST is generally a rules-based test that will scan software code for items such as credentials embedded into application code and a test of input validation, both of which are major concerns for application security.



When a client’s business process changes, the CSP SLA should:

  1. be reviewed, but the SLA cannot be updated.
  2. not be reviewed, but the cloud contract should be cancelled immediately.
  3. not be reviewed as the SLA cannot be updated.
  4. be reviewed and updated if required.

Answer(s): D


Reference:

http://www.diva-portal.org/smash/get/diva2:1312384/FULLTEXT01.pdf



Viewing page 3 of 63
Viewing questions 11 - 15 out of 334 questions



Post your Comments and Discuss ISACA CCAK exam dumps with other Community members:

CCAK Exam Discussions & Posts

AI Tutor