
2021 CCAK Premium Files Test pdf - Free Dumps Collection
NEW QUESTION 31
How can virtual machine communications bypass network security controls?
- A. VM images can contain rootkits programmed to bypass firewalls
- B. Hypervisors depend upon multiple network interfaces
- C. VM communications may use a virtual network on the same hardware host
- D. Most network security systems do not recognize encrypted VM traffic
- E. The guest OS can invoke stealth mode
Answer: C
NEW QUESTION 32
Which of the following would be MOST important to update once a decision has been made to outsource a critical application to a cloud service provider?
- A. IT budget
- B. Business impact analysis (BIA)
- C. Project portfolio
- D. IT resource plan
Answer: B
NEW QUESTION 33
Which layer is the most important for securing because it is considered to be the foundation for secure cloud operations?
- A. Applistructure
- B. Datastructure
- C. Infostructure
- D. Infrastructure
- E. Metastructure
Answer: D
NEW QUESTION 34
An IS auditor is a member of an application development team that is selecting software. Which of the following would impair the auditor's independence?
- A. Reviewing the request for proposal (RFP)
- B. Verifying the weighting of each selection criteria
- C. Approving the vendor selection methodology
- D. Witnessing the vendor selection process
Answer: C
NEW QUESTION 35
How does running applications on distinct virtual networks and only connecting networks as needed help?
- A. It reduces hardware costs
- B. It enables you to configure applications around business groups
- C. It reduces the blast radius of a compromised system
- D. It locks down access and provides stronger data security
- E. It provides dynamic and granular policies with less management overhead
Answer: C
NEW QUESTION 36
If there are gaps in network logging data, what can you do?
- A. Nothing. The cloud provider must make the information available.
- B. Ask the cloud provider to open more ports.
- C. You can instrument the technology stack with your own logging.
- D. Nothing. There are simply limitations around the data that can be logged in the cloud.
- E. Ask the cloud provider to close more ports.
Answer: C
NEW QUESTION 37
Which of the following is NOT a cloud computing characteristic that impacts incident response?
- A. The possibility of data crossing geographic or jurisdictional boundaries.
- B. Privacy concerns for co-tenants regarding the collection and analysis of telemetry and artifacts associated with an incident.
- C. Object-based storage in a private cloud.
- D. The resource pooling practiced by cloud services, in addition to the rapid elasticity offered by cloud infrastructures.
- E. The on demand self-service nature of cloud computing environments.
Answer: B
NEW QUESTION 38
To understand their compliance alignments and gaps with a cloud provider, what must cloud customers rely on?
- A. Provider and consumer contracts
- B. EDiscovery tools
- C. Third-party attestations
- D. Provider run audits and reports
- E. Provider documentation
Answer: C
NEW QUESTION 39
What is the best way to ensure that all data has been removed from a public cloud environment including all media such as back-up tapes?
- A. Practice Integration of Duties (IOD) so that everyone is able to delete the encrypted data.
- B. Maintaining customer managed key management and revoking or deleting keys from the key management system to prevent the data from being accessed again.
- C. Keep the keys stored on the client side so that they are secure and so that the users have the ability to delete their own data.
- D. Both B and D.
- E. Allowing the cloud provider to manage your keys so that they have the ability to access and delete the data from the main and back-up storage.
Answer: B
NEW QUESTION 40
CCM: In the CCM tool, "Encryption and Key Management" is an example of which of the following?
- A. Risk Impact
- B. Domain
- C. Control Specification
Answer: B
NEW QUESTION 41
Your SLA with your cloud provider ensures continuity for all services.
- A. False
- B. True
Answer: A
NEW QUESTION 42
An IS department is evaluated monthly on its cost-revenue ratio, user satisfaction rate, and computer downtime. This is BEST characterized as an application of:
- A. control self-assessment (CSA)
- B. value chain analysis
- C. risk framework
- D. balanced scorecard
Answer: D
NEW QUESTION 43
Which of the following statements are NOT requirements of governance and enterprise risk management in a cloud environment?
- A. Both B and C.
- B. Negotiate long-term contracts with companies who use well-vetted software application to avoid the transient nature of the cloud environment.
- C. Inspect and account for risks inherited from other members of the cloud supply chain and take active measures to mitigate and contain risks through operational resiliency.
- D. Provide transparency to stakeholders and shareholders demonstrating fiscal solvency and organizational transparency.
- E. Respect the interdependency of the risks inherent in the cloud supply chain and communicate the corporate risk posture and readiness to consumers and dependent parties.
Answer: B
NEW QUESTION 44
Which of the following should be of GREATEST concern to an IS auditor reviewing actions taken during a forensic investigation?
- A. The investigation report does not indicate a conclusion.
- B. The handling procedures of the attacked system are not documented.
- C. An image copy of the attacked system was not taken.
- D. The proper authorities were not notified.
Answer: D
NEW QUESTION 45
In which type of environment is it impractical to allow the customer to conduct their own audit, making it important that the data center operators are required to provide auditing for the customers?
- A. Long distance relationships
- B. Single tenant environments
- C. Multi-tenant environments
- D. Distributed computing arrangements
- E. Multi-application, single tenant environments
Answer: C
NEW QUESTION 46
Which cloud storage technology is basically a virtual hard drive for instances or VMs?
- A. Application
- B. Object storage
- C. Platform
- D. Database
- E. Volume storage
Answer: E
NEW QUESTION 47
What is defined as the process by which an opposing party may obtain private documents for use in litigation?
- A. Custody
- B. Subpoena
- C. Scope
- D. Discovery
- E. Risk Assessment
Answer: D
NEW QUESTION 48
When deploying an application that was created using the programming language and tools supported by the cloud provider, the MOST appropriate cloud computing model for an organization to adopt is:
- A. Platform as a Service (PaaS).
- B. Infrastructure as a Service (IaaS).
- C. Identity as a Service (IDaaS).
- D. Software as a Service (SaaS).
Answer: A
NEW QUESTION 49
An organization recently implemented a cloud document storage solution and removed the ability for end users to save data to their local workstation hard drives. Which of the following findings should be the IS auditor's GREATEST concern?
- A. Mobile devices are not encrypted.
- B. Users have not been trained on the new system.
- C. Users are not required to sign updated acceptable
- D. The business continuity plan (BCP) was not updated.
Answer: D
NEW QUESTION 50
Segregation of duties would be compromised if:
- A. operations staff modified batch schedules.
- B. database administrators (DBAs) modified the structure of user tables.
- C. application programmers accessed test data.
- D. application programmers moved programs into production.
Answer: C
NEW QUESTION 51
Which of the following is NOT normally a method for detecting and preventing data migration into the cloud?
- A. URL filters
- B. Database Activity Monitoring
- C. Data Loss Prevention
- D. Cloud Access and Security Brokers (CASB)
- E. Intrusion Prevention System
Answer: E
NEW QUESTION 52
Which statement best describes why it is important to know how data is being accessed?
- A. The devices used to access data have different storage formats.
- B. The devices used to access data may have different ownership characteristics.
- C. The devices used to access data use a variety of operating systems and may have different programs installed on them.
- D. The device may affect data dispersion.
- E. The devices used to access data use a variety of applications or clients and may have different security characteristics.
Answer: E
NEW QUESTION 53
APIs and web services require extensive hardening and must assume attacks from authenticated and unauthenticated adversaries.
- A. True
- B. False
Answer: A
NEW QUESTION 54
A third-party service provider is hosting a private cloud for an organization. Which of the following findings during an audit of the provider poses the GREATEST risk to the organization?
- A. Two different hypervisor versions are used due to the compatibility restrictions of some virtual machines.
- B. 5% of detected incidents exceeded the defined service level agreement (SLA) for escalation.
- C. The organization's virtual machines share the same hypervisor with virtual machines of other clients.
- D. 2% of backups had to be rescheduled due to backup media failures.
Answer: C
NEW QUESTION 55
ENISA: A reason for risk concerns of a cloud provider being acquired is:
- A. Mass layoffs may occur
- B. Resource isolation may fail
- C. Provider may change physical location
- D. Non-binding agreements put at risk
- E. Arbitrary contract termination by acquiring company
Answer: D
NEW QUESTION 56
......
