Certificate of Cloud Auditing Knowledge (CCAK) — Question 130

A cloud service customer is looking to subscribe to a finance solution provided by a cloud service provider. The provider has clarified that the audit logs cannot be taken out of the cloud environment by the customer to its security information and event management (SIEM) solution for monitoring purposes. Which of the following should be the GREATEST concern to the auditor?

Answer options

• A. The provider does not maintain audit logs in their environment.
• B. The customer cannot monitor its cloud subscription on its own and must rely on the provider for monitoring purposes.
• C. The audit logs are overwritten every 30 days, and all past audit trail is lost.
• D. The audit trails are backed up regularly, but the backup is not encrypted.

Correct answer: B

Explanation

The correct answer is B because the inability of the customer to independently monitor their cloud subscription raises significant concerns about oversight and security. Options A, C, and D are valid issues but do not directly impact the customer's ability to monitor their security posture, which is crucial for compliance and risk management.