What item below allows disparate directory services and independent security domains to be interconnected?

• A.Federation
• B.Intersection
• C.Cloud
• D.Union
• E.Coalition

Comment: *

Name: *

Email: *

Verification: *

Which of the following aspects of risk management involves identifying the potential reputational harm and/or financial harm when an incident occurs?

• A.Residual risk
• B.Mitigations
• C.Likelihood
• D.Impact Analysis

Comment: *

Name: *

Email: *

Verification: *

Organizations maintain mappings between the different control frameworks they adopt to:

• A.help identify controls with different assessment status.
• B.start a compliance assessment using latest assessment.
• C.help identify controls with common assessment status.
• D.avoid duplication of work when assessing compliance.

Comment: *

Name: *

Email: *

Verification: *

While performing the audit, the auditor found that an object storage bucket containing PII could be accessed by anyone on the Internet. Given this discovery, what should be the most appropriate action for the auditor to perform?

• A.Informing the organization's internal audit manager immediately about the gap
• B.Highlighting the gap to the audit sponsor at the sponsor's earliest possible availability
• C.Asking the organization's cloud administrator to immediately close the gap by updating the configuration settings and making the object storage bucket private and hence inaccessible from the Internet
• D.Documenting the finding in the audit report and sharing the gap with the relevant stakeholders

Comment: *

Name: *

Email: *

Verification: *

SAST testing is performed by:

• A.scanning the application source code.
• B.scanning the application interface.
• C.scanning all infrastructure components.
• D.performing manual actions to gain control of the application.

Comment: *

Name: *

Email: *

Verification: *