ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CCAK All Questions

View all questions & answers for the CCAK exam
Go to Exam

Exam CCAK topic 1 question 181 discussion

Actual exam question from Isaca's CCAK
Question #: 181
Topic #: 1
[All CCAK Questions]

A cloud auditor observed that just before a new software went live, the librarian transferred production data to the test environment to confirm the new software can work in the production environment. What additional control should the cloud auditor check?

  • A. Approval of the change by the change advisory board
  • B. Explicit documented approval from all customers whose data is affected
  • C. Training for the librarian
  • D. Verification that the hardware of the test and production environments are compatible
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by ats20 at Dec. 21, 2023, 1:21 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Auditor2020
1 month, 3 weeks ago
Selected Answer: B
In the scenario described, transferring production data to a test environment introduces risks related to data privacy, security, and compliance. The most pertinent control the cloud auditor should check is: B. Explicit documented approval from all customers whose data is affected This control is essential to ensure data protection and compliance with privacy regulations. It addresses concerns related to unauthorized access or use of customer data, which could lead to breaches of confidentiality or violations of data protection laws. It is also important to ensure that any use of customer data is conducted with proper consent and transparency.
upvoted 1 times
...
sai_murthy
9 months ago
Selected Answer: A
CCAK P# 191 When considering change and configuration management, following are some key questions that any cloud actor (CSP, customer or auditor) should keep in mind: • Who can request changes? Who can approve changes? • Who can develop changes? • Who can test the changes for compliance with approved specifications? • Who can move the changes into production?
upvoted 2 times
...
ats20
10 months, 4 weeks ago
Selected Answer: A
Answer should be A: The cloud auditor should check for approval of the change by the change advisory board. The board ensures that changes are made in a controlled and coordinated manner, minimizing the risk of disruption to the IT service.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago