Annual risk register omits cloud misconfiguration threats. Update?
Multiple choice — select one answer
Answer choices
Architectural breakdown & explanation
Risk registers should reflect current attack surfaces including cloud.
Correct answer(s): d. Add CSPM findings and top cloud ATT&CK techniques to enterprise risk register
Exam domain: Risk management alignment (20% weight on the official guide).
Official documentation & study links
Practice this certification
This page is one question from the KeyTrain's Key Training — Compliance & Governance bank. Run a full timed practice exam with domain-weighted random questions in your browser.