What should be the auditor's PRIMARY objective while examining a cloud service provider's (CSP's) SLA?

• A.Verifying whether commensurate compensation in the form of service credits is factored in if the CSC is unable to match its SLA obligations
• B.Verifying whether the SLAs are well-defined and measurable
• C.Verifying whether the SLA caters to the availability requirements of the cloud service customer (CSC)
• D.Verifying whether the SLA includes all the operational matters which are material to the operation of the service

Comment: *

Name: *

Email: *

Verification: *

An organization has an ISMS implemented, following ISO 27001 and Annex A controls. The CIO would like to migrate some of the infrastructure to the cloud. Which of the following standards would BEST assist in identifying controls to consider for this migration?

• A.ISO/IEC 27701
• B.ISO/IEC 22301
• C.ISO/IEC 27002
• D.ISO/IEC 27017

Comment: *

Name: *

Email: *

Verification: *

Which of the following is a cloud-specific security standard?

• A.ISO27017
• B.ISO22301
• C.ISO14001
• D.ISO27701

Comment: *

Name: *

Email: *

Verification: *

What item below allows disparate directory services and independent security domains to be interconnected?

• A.Intersection
• B.Union
• C.Federation
• D.Coalition
• E.Cloud

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the GREATEST security risk associated with data migration from a legacy human resources (HR) system to a cloud-based system''

• A.System performance may be impacted by the migration
• B.Data from the source and target system may have different data formats
• C.Data from the source and target system may be intercepted
• D.Records past their retention period may not be migrated to the new system

Comment: *

Name: *

Email: *

Verification: *