Big Halloween Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: simple70

  1. Home
  2. Discussions
  3. Cyber AB
  4. CMMC
  5. CMMC-CCA Discussions
  6. CMMC-CCA Exam Topic 4 Question 34 Discussion

Cyber AB Certified CMMC Assessor (CCA) Exam CMMC-CCA Question # 34 Topic 4 Discussion

 Cyber AB Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

Cyber AB Certified CMMC Assessor (CCA) Exam CMMC-CCA Question # 34 Topic 4 Discussion

CMMC-CCA Exam Topic 4 Question 34 Discussion:
Question #: 34
Topic #: 4

A cloud-native OSC uses a vendor’s FedRAMP MODERATE authorized cloud environment for all aspects of their CUI needs (identity, email, file storage, office suite, etc.) as well as the vendor’s locally installable applications. The OSC properly configured the vendor’s cloud-based SIEM system to monitor all aspects of the cloud environment. The OSC’s SSP documents SI.L2-3.14.7: Identify Unauthorized Use, defining authorized use and referencing procedures for identifying unauthorized use.

How should the Certified Assessor score this practice?
A.

NOT MET because logs from physical infrastructure are not captured by the SIEM.

B.

NOT MET because locally installable applications from a cloud-native environment are not allowed.

C.

MET because being cloud-native is a great way to contain risk to a vendor’s environment.

D.

MET because the cloud SIEM is configured to monitor all of the vendor’s cloud environment.

Get Premium CMMC-CCA Questions
Actual exam question for Cyber AB CMMC-CCA exam by Xander8225 at Sep 6, 2025, 4:47:57 PM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next