Certificate of Cloud Auditing Knowledge (CCAK) — Question 86

The CSA STAR maturity model assessment should summarize:

Answer options

• A. the security posture of the cloud provider.
• B. the effectiveness of operating controls.
• C. the strengths and weaknesses of a cloud service provider’s processes.
• D. ISO/IEC 27001:2013 control objective status.

Correct answer: C

Explanation

The correct answer, C, highlights the need to evaluate both the strengths and weaknesses of a cloud service provider's processes, which is essential for understanding their overall effectiveness. Options A and B focus on specific aspects of security and control effectiveness, while option D pertains to a particular standard's control objectives, which does not provide a comprehensive view of the provider's processes.