Question 1

Which of the following is an example of a corrective control?

Options :

A : A central anti-virus system installing the latest signature files before allowing a connection to the network

B : Unsuccessful access attempts being automatically logged for investigation

C : Privileged access to critical information systems requiring a second factor of authentication using soft token

D : All new employees having standard access rights until their manager approves privileged rights

Answer: B

Question 2

Which of the following is the common cause of misconfiguration in a cloud environment?

Options :

A : Absence of effective change control

B : Using multiple cloud service providers

C : New cloud computing techniques

D : Traditional change process mechanisms

Answer: A

Question 3

The Cloud Octagon Model was developed to support organizations:

Options :

A : risk assessment methodology

B : risk treatment methodology.

C : incident response methodology.

D : incident detection methodology.

Answer: A

Question 4

Which of the following is MOST important to ensure effective cloud application controls are maintained in an organization?

Options :

A : Exception reporting

B : Third-party vendor involvement

C : Application team internal review

D : Control self-assessment (CSA)

Answer: A

Question 5

"Network environments and virtual instances shall be designed and configured to restrict and monitor traffic between trusted and untrusted connections. These configurations shall be reviewed at least annually, and supported by a documented justification for use for all allowed services, protocols, ports, and by compensating controls." Which of the following types of controls BEST matches this control description?

Options :

A : Network Security

B : Change Detection

C : Virtual Instance and OS Hardening

D : Network Vulnerability Management

Answer: A

Higher Test Marks with Free Online CCAK Exam Practice

Buying Options: