ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CCAK All Questions

View all questions & answers for the CCAK exam
Go to Exam

Exam CCAK topic 1 question 191 discussion

Actual exam question from Isaca's CCAK
Question #: 191
Topic #: 1
[All CCAK Questions]

A cloud service customer is looking to subscribe to a finance solution provided by a cloud service provider. The provider has clarified that the audit logs cannot be taken out of the cloud environment by the customer to its security information and event management (SIEM) solution for monitoring purposes. Which of the following should be the GREATEST concern to the auditor?

  • A. The provider does not maintain audit logs in their environment.
  • B. The customer cannot monitor its cloud subscription on its own and must rely on the provider for monitoring purposes.
  • C. The audit logs are overwritten every 30 days, and all past audit trail is lost.
  • D. The audit trails are backed up regularly, but the backup is not encrypted.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by sai_murthy at Feb. 15, 2024, 1:10 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Auditor2020
1 month, 2 weeks ago
Selected Answer: C
C. The audit logs are overwritten every 30 days, and all past audit trail is lost. The greatest concern for the auditor should be the fact that audit logs are overwritten every 30 days, leading to the loss of past audit trails. This issue poses a significant risk to accountability, traceability, and compliance, as maintaining a historical record of events is crucial for forensic investigations, monitoring, and compliance with regulatory requirements. Without adequate retention of audit logs, the organization may be unable to detect or respond to security incidents effectively, and it could face challenges in demonstrating compliance during audits. While options A, B, and D present concerns, they do not pose as immediate and critical a risk as the complete loss of audit trails due to short retention periods.
upvoted 1 times
...
4f2a581
9 months, 3 weeks ago
Answer is C
upvoted 2 times
...
sai_murthy
1 year, 3 months ago
Selected Answer: B
CCAK P# 197 Cloud infrastructures are rapidly evolving, and new concepts and technologies, such as serverless, are being adopted. Serverless technologies have redefined the attribution of the security responsibilities between IaaS and PaaS and SaaS, and between the CSP and customer. Following are examples of measures an organization should have in place to mitigate the risk related to infrastructure and virtualization management. Establish, implement, enforce and maintain policies and procedures to ensure the security, retention and access control of audit logs. Continuously monitor security audit logs to detect anomalies, and take appropriate action. Monitor, encrypt and restrict communications between environments to authenticated and authorized connections.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago