Exam2pass
0 items Sign In or Register
  • Home
  • IT Exams
  • Guarantee
  • FAQs
  • Reviews
  • Contact Us
  • Demo
Exam2pass > Isaca > Isaca Certifications > CCAK > CCAK Online Practice Questions and Answers

CCAK Online Practice Questions and Answers

Questions 4

Policies and procedures shall be established, and supporting business processes and technical measures implemented, for maintenance of several items ensuring continuity and availability of operations and support personnel. Which of the following controls BEST matches this control description?

A. Operations Maintenance

B. System Development Maintenance

C. Equipment Maintenance

D. System Maintenance

Buy Now

Correct Answer: A

Questions 5

Which of the following is MOST important to consider when developing an effective threat model during the introduction of a new SaaS service into a customer organization's architecture? The threat model:

A. recognizes the shared responsibility for risk management between the customer and the CSP.

B. leverages SaaS threat models developed by peer organizations.

C. is developed by an independent third-party with expertise in the organization's industry sector.

D. considers the loss of visibility and control from transitioning to the cloud.

Buy Now

Correct Answer: A

Questions 6

Which of the following is an example of integrity technical impact?

A. The cloud provider reports a breach of customer personal data from an unsecured server.

B. A hacker using a stolen administrator identity alerts the discount percentage in the product database.

C. A DDoS attack renders the customer's cloud inaccessible for 24 hours.

D. An administrator inadvertently click on Phish bait exposing his company to a ransomware attack.

Buy Now

Correct Answer: D

Questions 7

An organization is in the initial phases of cloud adoption. It is not very knowledgeable about cloud security and cloud shared responsibility models. Which of the following approaches is BEST suited for such an organization to evaluate its cloud security?

A. Use of an established standard/regulation to map controls and use as the audit criteria

B. For efficiency reasons, use of its on-premises systems' audit criteria to audit the cloud environment

C. As this is the initial stage, the ISO/IEC 27001 certificate shared by the cloud service provider is sufficient for audit and compliance purposes.

D. Development of the cloud security audit criteria based on its own internal audit test plans to ensure appropriate coverage

Buy Now

Correct Answer: A

Questions 8

When using a SaaS solution, who is responsible for application security?

A. The cloud service provider only

B. The cloud service consumer only

C. Both cloud consumer and the enterprise

D. Both cloud provider and the consumer

Buy Now

Correct Answer: A

Questions 9

Which of the following would be the GREATEST governance challenge to an organization where production is hosted in a public cloud and backups are held on the premises?

A. Aligning the cloud service delivery with the organization's objective

B. Aligning the cloud provider's SLA with the organization's policy

C. Aligning shared responsibilities between provider and customer

D. Aligning the organization's activity with the cloud provider's policy

Buy Now

Correct Answer: A

Questions 10

To support customer's verification of the CSP claims regarding their responsibilities according to the shared responsibility model, which of the following tools and techniques is appropriate?

A. Contractual agreement

B. Internal audit

C. External audit

D. Security assessment

Buy Now

Correct Answer: D

Questions 11

One of the Cloud Control Matrix's (CCM's) control specifications states that “Independent reviews and assessments shall be performed at least annually to ensure that the organization addresses nonconformities of established policies, standards, procedures, and compliance obligations.” Which of the following controls under the Audit Assurance and Compliance domain does this match to?

A. Audit planning

B. Information system and regulatory mapping

C. GDPR auditing

D. Independent audits

Buy Now

Correct Answer: B

Questions 12

The MOST critical concept of managing the build and test of code in DevOps is:

A. continuous build.

B. continuous delivery.

C. continuous deployment.

D. continuous integration.

Buy Now

Correct Answer: B

Reference: https://smartbear.com/blog/devops-testing-strategy-best-practices-tools/

Questions 13

Account design in the cloud should be driven by:

A. security requirements.

B. organizational structure.

C. business continuity policies.

D. management structure.

Buy Now

Correct Answer: A

Exam Code: CCAK
Exam Name: Certificate of Cloud Auditing Knowledge
Last Update: Jul 04, 2026
Questions: 126

PDF (Q&A)

$45.99
ADD TO CART

VCE

$49.99
ADD TO CART

PDF + VCE

$59.99
ADD TO CART

Exam2Pass----The Most Reliable Exam Preparation Assistance

There are tens of thousands of certification exam dumps provided on the internet. And how to choose the most reliable one among them is the first problem one certification candidate should face. Exam2Pass provide a shot cut to pass the exam and get the certification. If you need help on any questions or any Exam2Pass exam PDF and VCE simulators, customer support team is ready to help at any time when required.

Home | Guarantee & Policy |  Privacy & Policy |  Terms & Conditions |  How to buy |  FAQs |  About Us |  Contact Us |  Demo |  Reviews

2026 Copyright @ exam2pass.com All trademarks are the property of their respective vendors. We are not associated with any of them.