How does running applications on distinct virtual networks and only connecting networksas needed help?

• A.It provides dynamic and granular policies with less management overhead
• B.It reduces the blast radius of a compromised system
• C.It enables you to configure applications around business groups
• D.It reduces hardware costs
• E.It locks down access and provides stronger data security

Comment: *

Name: *

Email: *

Verification: *

A cloud service provider does not allow audits using automated tools as these tools could be considered destructive techniques for the cloud environment. Which of the following aspects of the audit will be constrained?

• A.Nature of relationship
• B.Scope
• C.Purpose
• D.Objectives

Comment: *

Name: *

Email: *

Verification: *

Your company is purchasing an application from a vendor. They do not allow you to perform an on-site audit on their information system. However, they say, they will provide the third-party audit attestation on the adequate control design within their environment. Which report is the vendor providing you?

• A.SOC 3
• B.SOC 2, TYPE 2
• C.SOC 1
• D.SOC 2, TYPE 1

Comment: *

Name: *

Email: *

Verification: *

An IS auditor is a member of an application development team that is selecting software. Which of the following would impair the auditor's independence?

• A.Witnessing the vendor selection process
• B.Reviewing the request for proposal (RFP)
• C.verifying the weighting of each selection criteria
• D.Approving the vendor selection methodology

Comment: *

Name: *

Email: *

Verification: *

Due to cloud audit team resource constraints, an audit plan as initially approved cannot be completed. Assuming that the situation is communicated in the cloud audit report which course of action is MOST relevant?

• A.Testing the adequacy of cloud controls design
• B.Focusing on auditing high-risk areas
• C.Relying on management testing of cloud controls
• D.Testing the operational effectiveness of cloud controls

Comment: *

Name: *

Email: *

Verification: *