IsacaIsaca
CCAK · Question #11
CCAK Question #11: Real Exam Question with Answer & Explanation
Sign in or unlock CCAK to reveal the answer and full explanation for question #11. The question stem and answer options stay visible for context.
Cloud Auditing Basics and Tools
Question
An organization is in the initial phases of cloud adoption. It is not very knowledgeable about cloud security and cloud shared responsibility models. Which of the following approaches is BEST suited for such an organization to evaluate its cloud security?
Options
- AUse of an established standard/regulation to map controls and use as the audit criteria
- BFor efficiency reasons, use of its on-premises systems' audit criteria to audit the cloud environment
- CAs this is the initial stage, the ISO/IEC 27001 certificate shared by the cloud service provider is
- DDevelopment of the cloud security audit criteria based on its own internal audit test plans to ensure
Unlock CCAK to see the answer
You've previewed enough free CCAK questions. Unlock CCAK for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#Cloud security evaluation#Audit criteria#Security standards#Cloud adoption strategy