ISC2 Certified Cloud Security Professional (CCSP) Practice Question
During an internal compliance audit of a new public IaaS environment, auditors reported they could not obtain adequate evidence of virtual-machine log retention because neither the cloud provider nor the company's IT staff had formally accepted responsibility for maintaining those logs. Which policy-level action should the security team prioritize to ensure the required evidence is available at the next audit?
Direct administrators to export cloud logs to the on-premises SIEM on a best-effort basis.
Add a detailed right-to-audit and evidence-retention clause to the cloud service contract.
Enable host-based intrusion detection systems on all cloud virtual machines.
Publish or update a formal cloud-logging policy that assigns ownership and retention requirements for virtual-machine logs.
A gap in audit evidence usually occurs when no written policy assigns ownership for generating, retaining, and producing logs. The security team should therefore issue or update an organizational cloud-logging policy (or a specific "Virtual-Machine Logging" control) that explicitly designates who-provider, customer, or both-must collect, store, and protect the logs and for how long. A right-to-audit clause supports verification but does not itself assign control ownership. Deploying host-based IDS adds a technical safeguard, and a best-effort SIEM export directive lacks enforceability; neither clarifies responsibility. Updating incident-response playbooks improves procedures during an event but still relies on underlying policy to define who must actually retain the logs.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a cloud-logging policy?
Open an interactive chat with Bash
How does a right-to-audit clause differ from a cloud-logging policy?
Open an interactive chat with Bash
Why is assigning ownership of log retention critical for audits?
Open an interactive chat with Bash
What is the purpose of a cloud-logging policy?
Open an interactive chat with Bash
What does 'right-to-audit' mean in a cloud service contract?
Open an interactive chat with Bash
Why are host-based intrusion detection systems not sufficient for compliance audits?
Open an interactive chat with Bash
ISC2 Certified Cloud Security Professional (CCSP)
Legal, Risk and Compliance
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .