Free Cloud Security Alliance CCAK Exam Questions

Become Cloud Security Alliance Certified with updated CCAK exam questions and correct answers

Page: 1 / 60

Total 299 Questions | Updated On: Jun 16, 2026

Add To Cart

Question 1

Which of the following is an example of availability technical impact?

A : A distributed denial of service (DDoS) attack renders the customer's cloud inaccessible for 24 hours.

B : The cloud provider reports a breach of customer personal data from an unsecured server.

C : An administrator inadvertently clicked on phish bait, exposing the company to a ransomware attack.

D : A hacker using a stolen administrator identity alters the discount percentage in the product database

Answer: A

Question 2

What legal documents should be provided to the auditors in relation to risk management?

A : Enterprise cloud strategy and policy

B : Contracts and service level agreements (SLAs) of cloud service providers

C : Policies and procedures established around third-party risk assessments

D : Inventory of third-party attestation reports

Answer: B

Question 3

When an organization is moving to the cloud, responsibilities are shared based upon the cloud service provider's model and accountability is:

A : shared

B : avoided.

C : transferred.

D : maintained.

Answer: D

Question 4

From an auditor perspective, which of the following BEST describes shadow IT?

A : An opportunity to diversify the cloud control approach

B : A weakness in the cloud compliance posture

C : A strength of disaster recovery (DR) planning

D : A risk that jeopardizes business continuity planning

Answer: D

Question 5

Which of the following is an example of reputational business impact?

A : While the breach was reported in a timely manner to the CEO, the CFO and CISO blamed each other in public, resulting in a loss of public confidence that led the board to replace all three.

B : The cloud provider fails to report a breach of customer personal data from an unsecured server, resulting in GDPR fines of 10 million euros.

C : A distributed denial of service (DDoS) attack renders the customer’s cloud inaccessible for 24 hours, resulting in millions in lost sales.

D : A hacker using a stolen administrator identity brings down the Software as a Service (SaaS) sales and marketing systems, resulting in the inability to process customer orders or manage customer relationships.

Answer: A

Page: 1 / 60

Total 299 Questions | Updated On: Jun 16, 2026

Add To Cart