Free Access ISACA.CCAK.v2023-04-28.q71 Practice Test (Page 12)

Question 51

During an audit it was identified that a critical application hosted in an off-premises cloud is not part of the organization's DRP (Disaster Recovery Plan). Management stated that it is responsible for ensuring that the cloud service provider (CSP) has a plan that is tested annually. What should be the auditor's NEXT course of action?

A.Review the security white paper of the CSP.

B.Plan an audit of the CSP.

C.Review the contract and DR capability.

D.Review the CSP audit reports.

Question 52

Which of thefollowing items is NOT an example of Security as a Service (SecaaS)?

A.Authentication

B.Intrusion detection

C.Web filtering

D.Spam filtering

E.Provisioning

Question 53

To qualify for CSA STAR attestation for a particular cloud system, the SOC 2 report must cover:

A.ISO/I 27001: 2013 controls.

B.Cloud Control Matrix (CCM) and ISO/IEC 27001:2013 controls.

C.maturity model criteria.

D.all Cloud Control Matrix (CCM) controls and TSPC security principles.

Question 54

The MAIN difference between Cloud Control Matrix (CCM) and Consensus Assessment Initiative Questionnaire (CAIQ) is that:

A.CCM has a set of security questions, whereas CAIQ has a set of security controls.

B.CCM has 14 domains and CAIQ has 16 domains.

C.CCM provides a controls framework, whereas CAIQ provides industry-accepted ways to document which security controls exist in IaaS, PaaS, and SaaS offerings.

D.CCM assesses the presence of controls, whereas CAIQ assesses overall security of a service.

Question 55

Which communication methods within a cloud environment must be exposed for partners or consumers to access database information using a web application?

A.Software Development Kits (SDKs)

B.Application Programming Interface (API)

C.Resource Description Framework (RDF)

D.Extensible Markup Language (XML)

E.Application Binary Interface (ABI)

Other Version: 408ISACA.CCAK.v2025-05-13.q213; 887ISACA.CCAK.v2022-12-30.q72; 1630ISACA.CCAK.v2022-07-25.q75; 1595ISACA.CCAK.v2022-02-11.q57; 70ISACA.Passtestking.CCAK.v2021-10-20.by.jerry.27q.pdf

Latest Upload: 101OCEG.GRCP.v2025-09-11.q211; 101HP.HPE0-V27.v2025-09-11.q78; 117Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 222CFAInstitute.ESG-Investing.v2025-09-08.q173; 156PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 146Salesforce.Data-Architect.v2025-09-05.q216; 140Adobe.AD0-E605.v2025-09-05.q50

Question 51

Question 52

Question 53

Question 54

Question 55

Download PDF File