exam questions

Exam CCSK All Questions

View all questions & answers for the CCSK exam

Exam CCSK topic 1 question 22 discussion

Actual exam question from CSA's CCSK
Question #: 22
Topic #: 1
[All CCSK Questions]

Which of the following statements are NOT requirements of governance and enterprise risk management in a cloud environment?

  • A. Inspect and account for risks inherited from other members of the cloud supply chain and take active measures to mitigate and contain risks through operational resiliency.
  • B. Respect the interdependency of the risks inherent in the cloud supply chain and communicate the corporate risk posture and readiness to consumers and dependent parties.
  • C. Negotiate long-term contracts with companies who use well-vetted software application to avoid the transient nature of the cloud environment.
  • D. Provide transparency to stakeholders and shareholders demonstrating fiscal solvency and organizational transparency.
  • E. Both B and C.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
shiqna
5 months, 2 weeks ago
Selected Answer: E
The answer is E as both B and C are correct. Regarding B; we do not have to 'Respect' the interdependencies but can also evaluate to mitigate the risk as well. It is based on a risk assessment whether to 'respect' them which is equivalent to accepting them and do nothing or to identify mitigating controls and reduce the risk exposure. The resultant residual risk and health of mitigating controls can be reported to the management.
upvoted 2 times
...
Brainiac
1 year ago
The statement that is NOT a requirement of governance and enterprise risk management in a cloud environment is: C. Negotiate long-term contracts with companies who use well-vetted software application to avoid the transient nature of the cloud environment. While negotiating long-term contracts and using well-vetted software applications can be strategies organizations employ in a cloud environment, it is not specifically a requirement of governance and enterprise risk management. The other statements mentioned, A, B, and D, align with the requirements of governance and enterprise risk management in a cloud environment, which involve inspecting and accounting for risks, respecting interdependencies, communicating risk posture, and providing transparency to stakeholders.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago