CHAPTER 6Domain 6: Legal, Risk, and Compliance

Domain 6 contains material that some candidates find the most awkward and confusing: the legal and policy elements. It also delves into compliance and how cloud customers ensure that their organization is fulfilling regulatory requirements. It is weighted much less than the previous domains on the exam, though, so this chapter is much shorter than the ones you’ve seen so far.

Which of the following is a U.S. audit standard often used to evaluate cloud providers?
1. ISO 27001
2. SOX
3. SSAE 18
4. IEC 43770
The Cloud Security Alliance (CSA) Security, Trust, and Assurance Registry (STAR) program has _______________ tiers.
1. Two
2. Three
3. Four
4. Eight
The Cloud Security Alliance (CSA) Security, Trust, ...

Get (ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

(ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests, 2nd Edition by Ben Malisow

CHAPTER 6Domain 6: Legal, Risk, and Compliance

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly