Practice CCAK Questions With Certification guide Q&A from Training Expert Actual4dump
Free ISACA CCAK Test Practice Test Questions Exam Dumps
NEW QUESTION 31
Which cloud storage technology is basically a virtual hard drive for instanced or VMs?
- A. Platform
- B. Object storage
- C. Application
- D. Volume storage
- E. Database
Answer: D
NEW QUESTION 32
CCM: In the CCM tool, ais a measure that modifies risk and includes any process, policy, device, practice or any other actions which modify risk.
- A. Control Specification
- B. Risk Impact
- C. Domain
Answer: A
NEW QUESTION 33
Cloud applications can use virtual networks and other structures, for hyper-segregated environments.
- A. True
- B. False
Answer: A
NEW QUESTION 34
Which of the following is NOT a cloud computing characteristic that impacts incidence response?
- A. Privacy concerns for co-tenants regarding the collection and analysis of telemetry and artifacts associated with an incident.
- B. The possibility of data crossing geographic or jurisdictional boundaries.
- C. The on demand self-service nature of cloud computing environments.
- D. Object-based storage in a private cloud.
- E. The resource pooling practiced by cloud services, in addition to the rapid elasticity offered by cloud infrastructures.
Answer: A
NEW QUESTION 35
Which cloud-based service model enables companies to provide client-based access for partners to databases or applications?
- A. Infrastructure-as-a-service (IaaS)
- B. Identity-as-a-service (IDaaS)
- C. Software-as-a-service (SaaS)
- D. Platform-as-a-service (PaaS)
- E. Desktop-as-a-service (DaaS)
Answer: D
NEW QUESTION 36
Which of the following should be an IS auditor's GREATEST concern when reviewing an outsourcing arrangement with a third-party cloud service provider to host personally identifiable data?
- A. Fees are charged based on the volume of data stored by the host.
- B. The organization's servers are not compatible with the third party's infrastructure
- C. The outsourcing contract does not contain a right-to-audit clause.
- D. The data is not adequately segregated on the host platform.
Answer: D
NEW QUESTION 37
Why is a service type of network typically isolated on different hardware?
- A. It requires unique security
- B. It requires distinct access controls
- C. It has distinct functions from other networks
- D. It manages the traffic between other networks
- E. It manages resource pools for cloud consumers
Answer: D
NEW QUESTION 38
Which of the following should be of GREATEST concern to an IS auditor reviewing actions taken during a forensic investigation?
- A. The proper authorities were not notified.
- B. The investigation report does not indicate a conclusion.
- C. The handling procedures of the attacked system are not documented.
- D. An image copy of the attacked system was not taken.
Answer: A
NEW QUESTION 39
What is true of security as it relates to cloud network infrastructure?
- A. You should always open traffic between workloads in the same virtual subnet for better visibility.
- B. You should applycloud firewalls on a per-network basis.
- C. You should implement a default allow with cloud firewalls and then restrict as necessary.
- D. You should implement a default deny with cloud firewalls.
- E. You should deploy your cloud firewalls identical to the existing firewalls.
Answer: D
NEW QUESTION 40
Your cloud and on-premisesinfrastructures should always use the same network address ranges.
- A. True
- B. False
Answer: B
NEW QUESTION 41
Use elastic servers when possible and move workloads to new instances.
- A. True
- B. False
Answer: A
NEW QUESTION 42
Which communication methods within a cloud environment must be exposed for partners or consumers to access database information using a web application?
- A. Resource Description Framework (RDF)
- B. Software Development Kits (SDKs)
- C. Application Binary Interface (ABI)
- D. Application Programming Interface (API)
- E. Extensible Markup Language (XML)
Answer: D
NEW QUESTION 43
Which term is used to describe the use of tools to selectively degrade portions of the cloud to continuously test business continuity?
- A. Resiliency Planning
- B. Expected Engineering
- C. Organized Downtime
- D. Chaos Engineering
- E. PlannedOutages
Answer: D
NEW QUESTION 44
Cloud services exhibit fiveessential characteristics that demonstrate their relation to, and differences from, traditional computing approaches. Which one of the five characteristics is described as: a consumer can unilaterally provision computing capabilities such as server time and network storage as needed.
- A. Resource pooling
- B. Broad network access
- C. Measured service
- D. On-demand self-service
- E. Rapid elasticity
Answer: D
NEW QUESTION 45
ENISA: "VMhopping" is:
- A. Lack of vulnerability management standards.
- B. Instability in VM patch management causing VM routing errors.
- C. Improper management of VM instances, causing customer VMs to be commingled with other customer systems.
- D. Using a compromised VM to exploit a hypervisor, used to take control of other VMs.
- E. Looping within virtualized routing systems.
Answer: D
NEW QUESTION 46
What is known as a code execution environment running within an operating system that shares and uses the resources of the operating system?
- A. Platform-basedWorkload
- B. Abstraction
- C. Container
- D. Virtual machine
- E. Pod
Answer: C
NEW QUESTION 47
Which concept provides the abstraction needed for resource pools?
- A. Applistructure
- B. Metastructure
- C. Hypervisor
- D. Orchestration
- E. Virtualization
Answer: E
NEW QUESTION 48
Your SLA with your cloudprovider ensures continuity for all services.
- A. True
- B. False
Answer: B
NEW QUESTION 49
Which of the following cloud deployment models would BEST meet the needs of a startup software development organization with limited initial capital?
- A. Community
- B. Private
- C. Hybrid
- D. Public
Answer: D
NEW QUESTION 50
How does running applications on distinct virtual networks and only connecting networksas needed help?
- A. It reduces hardware costs
- B. It provides dynamic and granular policies with less management overhead
- C. It enables you to configure applications around business groups
- D. It reduces the blast radius of a compromised system
- E. It locks down access and provides stronger data security
Answer: D
NEW QUESTION 51
Which of the following should be the PRIMARY concern of an IS auditor during a review of an external IT service level agreement (SLA) for computer operations?
- A. Lack of software escrow provisions
- B. Changes in services are not tracked
- C. Vendor has exclusive control of IT resources
- D. No employee succession plan
Answer: B
NEW QUESTION 52
What is resource pooling?
- A. None of the above.
- B. Internet-based CPUs are pooled to enable multi-threading.
- C. The provider's computing resources are pooled to serve multiple consumers.
- D. The dedicated computing resources of each client are pooled together in a colocation facility.
- E. Placing Internet ("cloud") data centers near multiple sources of energy, such as hydroelectric dams.
Answer: C
NEW QUESTION 53
Which statement best describes the impact of Cloud Computing on business continuity management?
- A. A general lack of interoperability standards means that extra focus must be placed on the security aspects of migration between Cloud providers.
- B. The size of data sets hosted at a Cloud provider can present challenges if migration to another provider becomesnecessary.
- C. Customers of SaaS providers in particular need to mitigate the risks of application lock-in.
- D. Clients need to do business continuity planning due diligence in case they suddenly need to switch providers.
- E. Geographic redundancyensures that Cloud Providers provide highly available services.
Answer: E
NEW QUESTION 54
......
Prepare Top ISACA CCAK Exam Audio Study Guide Practice Questions Edition: https://www.actual4dump.com/ISACA/CCAK-actualtests-dumps.html
Dumps Practice Exam Questions Study Guide for the CCAK Exam: https://drive.google.com/open?id=1vuqB-16vb5cw6llYZbymElwicTxoBsfy