• Home
  • Articles
  • [Q17-Q32] Excellent CCAK PDF Dumps With 100% PrepPDF Exam Passing Guaranted [Oct-2021]

[Q17-Q32] Excellent CCAK PDF Dumps With 100% PrepPDF Exam Passing Guaranted [Oct-2021]

Share

Excellent CCAK PDF Dumps With 100% PrepPDF Exam Passing Guaranted [Oct-2021]

100% Pass Your CCAK Certificate of Cloud Auditing Knowledge at First Attempt with PrepPDF

NEW QUESTION 17
In which type of environment is it impractical to allow the customer to conduct their own audit, making it important that the data center operators are required to provide auditing for the customers?

  • A. Long distance relationships
  • B. Single tenantenvironments
  • C. Multi-tenant environments
  • D. Distributed computing arrangements
  • E. Multi-application, single tenant environments

Answer: C

 

NEW QUESTION 18
Which concept is a mapping of an identity, including roles, personas, and attributes, to an authorization?

  • A. Access control
  • B. Authentication
  • C. Federated Identity Management
  • D. Entitlement
  • E. Authoritative source

Answer: D

 

NEW QUESTION 19
Which of the following should be of GREATEST concern to an IS auditor reviewing actions taken during a forensic investigation?

  • A. The investigation report does not indicate a conclusion.
  • B. The handling procedures of the attacked system are not documented.
  • C. An image copy of the attacked system was not taken.
  • D. The proper authorities were not notified.

Answer: D

 

NEW QUESTION 20
Which data security control is the LEAST likely to be assigned to an IaaSprovider?

  • A. Application logic
  • B. Encryption solutions
  • C. Physical destruction
  • D. Asset management and tracking
  • E. Access controls

Answer: A

 

NEW QUESTION 21
Which governance domain deals with evaluating how cloudcomputing affects compliance with internal security policies and various legal requirements, such as regulatory and legislative?

  • A. Compliance and Audit Management
  • B. Legal Issues: Contracts and Electronic Discovery
  • C. Infrastructure Security
  • D. Governance and Enterprise Risk Management
  • E. Information Governance

Answer: A

 

NEW QUESTION 22
To understand their compliance alignments and gaps with a cloud provider, what must cloud customers rely on?

  • A. Provider and consumer contracts
  • B. EDiscovery tools
  • C. Third-party attestations
  • D. Provider run audits and reports
  • E. Provider documentation

Answer: C

 

NEW QUESTION 23
When deploying an application that was created using the programming language and tools supported by the cloud provider, the MOST appropriate cloud computing model for an organization to adopt is:

  • A. Platform as a Service (PaaS).
  • B. Infrastructure as a Service (laaS).
  • C. Identity as a Service (IDaaS).
  • D. Software as a Service (SaaS).

Answer: A

 

NEW QUESTION 24
CCM: In the CCM tool, ais a measure that modifies risk and includes any process, policy, device, practice or any other actions which modify risk.

  • A. Control Specification
  • B. Domain
  • C. Risk Impact

Answer: A

 

NEW QUESTION 25
An important consideration when performing a remote vulnerability test of a cloud-based application is to

  • A. Obtain provider permission for test
  • B. Use application layer testing tools exclusively
  • C. Schedule vulnerability test at night
  • D. Use network layer testing tools exclusively
  • E. Use techniques to evade cloud provider's detection systems

Answer: A

 

NEW QUESTION 26
What is true of security as it relates to cloud network infrastructure?

  • A. You should implement a default allow with cloud firewalls and then restrict as necessary.
  • B. You should applycloud firewalls on a per-network basis.
  • C. You should deploy your cloud firewalls identical to the existing firewalls.
  • D. You should always open traffic between workloads in the same virtual subnet for better visibility.
  • E. You should implement a default deny with cloud firewalls.

Answer: E

 

NEW QUESTION 27
In volume storage, what method is often used to support resiliency and security?

  • A. hypervisor agents
  • B. random placement
  • C. data dispersion
  • D. data rights management
  • E. proxy encryption

Answer: C

 

NEW QUESTION 28
Which term is used to describe the use of tools to selectively degrade portions of the cloud to continuously test business continuity?

  • A. Organized Downtime
  • B. PlannedOutages
  • C. Resiliency Planning
  • D. Chaos Engineering
  • E. Expected Engineering

Answer: D

 

NEW QUESTION 29
What is the newer application development methodology and philosophy focused on automation of application development and deployment?

  • A. SecDevOps
  • B. DevOps
  • C. Agile
  • D. BusOps
  • E. Scrum

Answer: B

 

NEW QUESTION 30
An audit has identified that business units have purchased cloud-based applications without ITs support. What is the GREATEST risk associated with this situation?

  • A. The application purchases did not follow procurement policy.
  • B. The applications could be modified without advanced notice.
  • C. The applications may not reasonably protect data.
  • D. The applications are not included in business continuity plans (BCPs).

Answer: D

 

NEW QUESTION 31
Segregation of duties would be compromised if:

  • A. operations staff modified batch schedules.
  • B. database administrators (DBAs) modified the structure of user tables.
  • C. application programmers accessed test data.
  • D. application programmers moved programs into production.

Answer: C

 

NEW QUESTION 32
......

Trend for CCAK pdf dumps before actual exam: https://www.preppdf.com/ISACA/CCAK-prepaway-exam-dumps.html

Real Exam Questions & Answers - ISACA CCAK Dump is Ready: https://drive.google.com/open?id=1A7vIUstdCtNwUE2kz_IIIH_kNVSjQ3Mq

 

Related Articles

more
ISACA CCAK Certification Practice Exam