Question 1

An auditor is reviewing the Service Level Agreement (SLA) for a client using a public cloud provider. The client handles highly sensitive healthcare data. The auditor notes that the cloud provider stores data in a multi-tenant environment. Which specific risk is MOST heightened in this deployment model compared to a private cloud?

Accepted Answer

Focus on the definition of 'public cloud' and 'multi-tenant'. The key risk in sharing resources is that one tenant might access another's data.

Question 2

What mistakes do candidates make on this CPA question?

Accepted Answer

Assuming public clouds are less physically secure (they are usually more secure physically) or have scalability issues.

How to approach this question

Full Answer

Common mistakes

Practice the full CPA ISC Practice Exam 4

More questions from this exam