CCAK Question #21: Real Exam Question with Answer & Explanation

Sign in or unlock CCAK to reveal the answer and full explanation for question #21. The question stem and answer options stay visible for context.

Cloud Auditing for Infrastructure, Platform, and Software as a Service (IaaS, PaaS, SaaS)

Question

During an audit it was identified that a critical application hosted in an off-premises cloud is not part of the organization's DRP (Disaster Recovery Plan). Management stated that it is responsible for ensuring that the cloud service provider (CSP) has a plan that is tested annually. What should be the auditor's NEXT course of action?

Options

AReview the CSP audit reports.
BReview the security white paper of the CSP.
CReview the contract and DR capability.
DPlan an audit of the CSP.

Unlock CCAK to see the answer

You've previewed enough free CCAK questions. Unlock CCAK for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock CCAK - $49.99 / 30 days Sign in

Topics

#Cloud Disaster Recovery#Cloud Audit Procedures#CSP Due Diligence#Audit Evidence Gathering

Full CCAK Practice Browse All CCAK Questions