The BEST way to deliver continuous compliance in a cloud environment is to:

• A.combine point-in-time assurance approaches with continuous monitoring.
• B.increase the frequency of external audits from annual to quarterly.
• C.combine point-in-time assurance approaches with continuous auditing.
• D.decrease the interval between attestations of compliance

Comment: *

Name: *

Email: *

Verification: *

Dynamic Application Security Testing (DAST) might be limited or require pre-testing permission from the provider.

• A.False
• B.True

Comment: *

Name: *

Email: *

Verification: *

Which of the following is a perceived advantage or disadvantage of managing enterprise risk for cloud deployments?

• A.Increased need, but reduction in costs, for managing risks accepted by the cloud provider.
• B.Greater reliance on contracts, audits, and assessments due to lack of visibility or management.
• C.Decreased requirement for proactive management of relationship and adherence to contracts.
• D.None of the above.
• E.More physical control over assets and processes.

Comment: *

Name: *

Email: *

Verification: *

The criteria for limiting services allowing non-critical services or services requiring high availability and resilience to be moved to the cloud is an important consideration to be included PRIMARILY in the:

• A.business continuity plan.
• B.risk management policy.
• C.information security standard for cloud technologies.
• D.cloud policy.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is a cloud-native solution designed to counter threats that do not exist within the enterprise?

• A.Attribute based access control
• B.Policy based access control
• C.Rule based access control
• D.Role based access control

Comment: *

Name: *

Email: *

Verification: *