Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Isaca Exam CCAK Topic 4 Question 44 Discussion

Actual exam question for Isaca's CCAK exam
Question #: 44
Topic #: 4
[All CCAK Questions]

The MOST important factor to consider when implementing cloud-related controls is the:

Show Suggested Answer Hide Answer
Suggested Answer: D

A detective control is a type of internal control that seeks to uncover problems in a company's processes once they have occurred1.Examples of detective controls include physical inventory checks, reviews of account reports and reconciliations, as well as assessments of current controls1.Detective controls use platform telemetry to detect misconfigurations, vulnerabilities, and potentially malicious activity in the cloud environment2.

In a Software as a Service (SaaS) service provider, privileged access monitoring is a detective control that can help identify unauthorized or suspicious activities by users who have elevated permissions to access or modify cloud resources, data, or configurations.Privileged access monitoring can involve logging, auditing, alerting, and reporting on the actions performed by privileged users3. This can help detect security incidents, compliance violations, or operational errors in a timely manner and enable appropriate responses.

Data encryption, incident management, and network segmentation are examples of preventive controls, which are designed to prevent problems from occurring in the first place.Data encryption protects the confidentiality and integrity of data by transforming it into an unreadable format that can only be decrypted with a valid key1.Incident management is a process that aims to restore normal service operations as quickly as possible after a disruption or an adverse event4.Network segmentation divides a network into smaller subnetworks that have different access levels and security policies, reducing the attack surface and limiting the impact of a breach1.


Detective controls - SaaS Lens - docs.aws.amazon.com3, section on Privileged access monitoring

Detective controls | Cloud Architecture Center | Google Cloud2, section on Detective controls

Internal control: how do preventive and detective controls work?4, section on SaaS Solutions to Support Internal Control

Detective Control: Definition, Examples, Vs.Preventive Control1, section on What Is a Detective Control?

by Maurine at Apr 29, 2024, 01:09 PM

Limited Time Offer

25%

Off

Get Premium CCAK Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Shay
1 months ago
Risk reporting? Really? That's like trying to put out a fire with a squirt gun. Sure, it's important, but it's not the most crucial factor here.
upvoted 0 times
Charlene
10 days ago
D) risk ownership
upvoted 0 times
...
Minna
12 days ago
B) effectiveness of the controls.
upvoted 0 times
...
Dominque
18 days ago
A) shared responsibility model.
upvoted 0 times
...
...
Vi
2 months ago
Hah, effectiveness of the controls? That's like asking a fish to climb a tree. If the controls aren't properly implemented, they're about as useful as a screen door on a submarine!
upvoted 0 times
Dean
6 days ago
D) risk ownership
upvoted 0 times
...
Evette
17 days ago
B) effectiveness of the controls.
upvoted 0 times
...
Gabriele
18 days ago
A) shared responsibility model.
upvoted 0 times
...
...
Leandro
2 months ago
Risk ownership is also pretty important, isn't it? I mean, you can have all the controls in the world, but if you don't know who's responsible for what, it's not going to do you much good.
upvoted 0 times
Lilli
18 days ago
C) risk reporting.
upvoted 0 times
...
Henriette
1 months ago
B) effectiveness of the controls.
upvoted 0 times
...
Carlton
1 months ago
A) shared responsibility model.
upvoted 0 times
...
...
Cristal
2 months ago
I agree, the shared responsibility model is crucial. Without a clear understanding of that, you're just shooting in the dark with your cloud controls.
upvoted 0 times
Cherilyn
21 days ago
D) risk ownership
upvoted 0 times
...
Gregoria
23 days ago
C) risk reporting.
upvoted 0 times
...
Elouise
29 days ago
B) effectiveness of the controls.
upvoted 0 times
...
Audry
1 months ago
A) shared responsibility model.
upvoted 0 times
...
...
Sherell
2 months ago
The shared responsibility model is definitely the most important factor. It's the foundation for understanding who's responsible for what in the cloud.
upvoted 0 times
German
2 months ago
I agree, understanding the shared responsibility model is crucial for effective cloud security.
upvoted 0 times
...
Carissa
2 months ago
A) shared responsibility model.
upvoted 0 times
...
...
Nicholle
2 months ago
I believe the effectiveness of the controls is the key factor to consider, as it directly impacts the security of the cloud environment.
upvoted 0 times
...
Clarence
3 months ago
I agree with Susana, the shared responsibility model is crucial for implementing cloud-related controls.
upvoted 0 times
...
Susana
3 months ago
I think the most important factor is the shared responsibility model.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77