New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Isaca CCAK Exam - Topic 4 Question 10 Discussion

Actual exam question for Isaca's CCAK exam
Question #: 10
Topic #: 4
[All CCAK Questions]

Your company is purchasing an application from a vendor. They do not allow you to perform an on-site audit on their information system. However, they say, they will provide the third-party audit attestation on the adequate control design within their environment. Which report is the vendor providing you?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Danica at May 09, 2022, 11:03 PM

Limited Time Offer

25%

Off

Get Premium CCAK Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Doretha
4 months ago
I agree with Lilli, SOC 2, TYPE 1 fits the bill here.
upvoted 0 times
...
Lettie
4 months ago
Wait, can they really skip the on-site audit? Sounds sketchy!
upvoted 0 times
...
Keva
4 months ago
SOC 2, TYPE 2 is the way to go for thorough audits.
upvoted 0 times
...
Rozella
4 months ago
I think it's SOC 3, not enough detail for SOC 2.
upvoted 0 times
...
Lilli
5 months ago
It's definitely a SOC 2, TYPE 1 report.
upvoted 0 times
...
Kattie
5 months ago
I feel like SOC 1 is more about financial controls, so it probably isn't the right answer for this situation.
upvoted 0 times
...
Sheridan
5 months ago
I practiced a question similar to this, and I believe SOC 2, Type 2 is about operational effectiveness over time, which doesn't fit since they only provide attestation.
upvoted 0 times
...
Adolph
5 months ago
I'm not entirely sure, but I remember that SOC 3 is more of a general report for public distribution, so it might not be the right choice here.
upvoted 0 times
...
Ernie
5 months ago
I think the vendor is likely providing a SOC 2, Type 1 report since it focuses on the design of controls at a specific point in time.
upvoted 0 times
...
Ezekiel
5 months ago
Ah, I've got this! The tax rate is 20%, but if you're on a low income, you can get one-third of the tax repaid. Easy peasy.
upvoted 0 times
...
Marya
5 months ago
I'm pretty sure the answer is C. AeXDiagnostics.exe sounds like the file that installs the SMA diagnostics.
upvoted 0 times
...
Aja
5 months ago
Ah, I see. Kusto Query Language is used for querying data in Azure Monitor, which includes Application Insights. That makes sense, so I'll go with option A.
upvoted 0 times
...
Tyra
5 months ago
I feel like the Unified Communications OS might have something to do with it too, but it seems less likely.
upvoted 0 times
...

Save Cancel