Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Isaca Exam CCAK Topic 4 Question 51 Discussion

Actual exam question for Isaca's CCAK exam
Question #: 51
Topic #: 4
[All CCAK Questions]

During the cloud service provider evaluation process, which of the following BEST helps identify baseline configuration requirements?

Show Suggested Answer Hide Answer
Suggested Answer: C

: During the cloud service provider evaluation process, benchmark controls lists BEST help identify baseline configuration requirements.Benchmark controls lists are standardized sets of security and compliance controls that are applicable to different cloud service models, deployment models, and industry sectors1.They provide a common framework and language for assessing and comparing the security posture and capabilities of cloud service providers2.They also help cloud customers to define their own security and compliance requirements and expectations based on best practices and industry standards3.

Some examples of benchmark controls lists are:

The Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM), which is a comprehensive list of 133 control objectives that cover 16 domains of cloud security4.

The National Institute of Standards and Technology (NIST) Special Publication 800-53, which is a catalog of 325 security and privacy controls for federal information systems and organizations, including cloud-based systems5.

The International Organization for Standardization (ISO) / International Electrotechnical Commission (IEC) 27017, which is a code of practice that provides guidance on 121 information security controls for cloud services based on ISO/IEC 270026.


CSA Security Guidance for Cloud Computing | CSA1, section on Identify necessary security and compliance requirements

Evaluation Criteria for Cloud Infrastructure as a Service - Gartner2, section on Security Controls

Checklist: Cloud Services Provider Evaluation Criteria | Synoptek3, section on Security

Cloud Controls Matrix | CSA4, section on Overview

NIST Special Publication 800-53 - NIST Pages5, section on Abstract

ISO/IEC 27017:2015(en), Information technology --- Security techniques ...6, section on Scope

What is vendor management?Definition from WhatIs.com7, section on Vendor management

What is Benchmarking?Definition from WhatIs.com8, section on Benchmarking

What is Terms and Conditions?Definition from WhatIs.com9, section on Terms and Conditions

by Samira at Jul 13, 2024, 10:13 AM

Limited Time Offer

25%

Off

Get Premium CCAK Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Charisse
10 months ago
Benchmark controls lists? Sounds like a job for a spreadsheet wizard. Or maybe a data analyst with a love for Excel. Either way, I'm feeling that option.
upvoted 0 times
Karma
9 months ago
Definitely, it helps streamline the evaluation process and ensure nothing is overlooked.
upvoted 0 times
...
Yolando
9 months ago
I agree, it's like having a checklist to ensure all necessary requirements are met.
upvoted 0 times
...
Marta
9 months ago
Yeah, they provide a good reference point for evaluating cloud service providers.
upvoted 0 times
...
Jules
10 months ago
I agree, having a detailed list of benchmarks can really streamline the evaluation process.
upvoted 0 times
...
Ressie
10 months ago
I think benchmark controls lists are important for identifying baseline configuration requirements.
upvoted 0 times
...
Kimbery
10 months ago
Option C) Benchmark controls lists is definitely the way to go. It helps identify baseline configuration requirements.
upvoted 0 times
...
...
Tamala
10 months ago
Vendor requirements? Isn't that like asking a wolf to guard the henhouse? I'll stick with product benchmarks, thank you very much.
upvoted 0 times
...
Ashleigh
11 months ago
Contract terms and conditions? Psh, who reads those anyway? Definitely going with product benchmarks - you can't beat those hard numbers.
upvoted 0 times
Louvenia
10 months ago
Alberto: True, but I still think product benchmarks provide the most accurate information.
upvoted 0 times
...
Alberto
10 months ago
Vendor requirements might also be important to consider.
upvoted 0 times
...
Gretchen
10 months ago
I agree, product benchmarks are definitely the way to go.
upvoted 0 times
...
...
Chau
11 months ago
I agree with Kenneth, vendor requirements are crucial for baseline configuration.
upvoted 0 times
...
Alaine
11 months ago
I think D) Contract terms and conditions are the most important.
upvoted 0 times
...
Lorita
11 months ago
Benchmark controls lists, all the way. You can't just rely on the vendor's word, you know? Gotta have that checklist to make sure you're getting what you need.
upvoted 0 times
...
Basilia
11 months ago
Vendor requirements? Seriously? That's like asking a car salesman what kind of car I should buy. Gotta go with product benchmarks - that's where the real meat is.
upvoted 0 times
Tish
10 months ago
Benchmark controls lists can also be helpful in evaluating the baseline configuration requirements.
upvoted 0 times
...
King
10 months ago
I agree, vendor requirements can be biased. Product benchmarks provide a more objective comparison.
upvoted 0 times
...
Mendy
10 months ago
I agree, but product benchmarks give a more objective view of what the service can offer.
upvoted 0 times
...
Rashad
10 months ago
Product benchmarks are definitely important to consider. They give a good idea of what the service can actually deliver.
upvoted 0 times
...
Eric
11 months ago
Vendor requirements are important to consider, they provide valuable insights.
upvoted 0 times
...
...
Hyun
11 months ago
I disagree, I believe it's C) Benchmark controls lists.
upvoted 0 times
...
Kenneth
11 months ago
I think it's A) Vendor requirements.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77