ISACA · Cloud-Fund
Validates foundational knowledge of cloud computing, covering cloud architecture, deployment models, security, risk assessment, and the ability to optimize cloud potential for business services across cloud concepts, governance, and service support.
Questions
600
Duration
120 minutes
Passing Score
65%
Difficulty
FoundationalLast Updated
Feb 2026
Use this Cloud-Fund practice exam to prepare for Cloud Fundamentals Certificate with realistic questions, detailed explanations, and focused study modes. The practice bank includes 600 questions for ISACA Cloud-Fund, so you can review the exam steadily instead of relying on one long cram session.
As you practice, pay extra attention to patterns in your missed answers. Start with short sessions to identify weak areas, then move into timed quizzes once your accuracy is consistent.
The explanations are especially useful when you want to connect exam wording to the responsibilities and scenarios described in the official certification guidance. Use the free preview first, then unlock the full question bank when you are ready to build a complete study routine.
The ISACA Cloud Fundamentals Certificate is a foundational-level credential that validates knowledge of core cloud computing principles, concepts, governance, security, and service support. The exam blends theoretical knowledge with practical, performance-based assessment in a virtual lab environment, distinguishing it from purely multiple-choice certifications. It covers how cloud architecture connects vital services and data to enable digital transformation and business agility, including an understanding of deployment models, risk assessment, and cloud optimization strategies.
Offered under ISACA's Certified in Emerging Technology (CET) certificate family, this credential is designed to affirm both conceptual understanding and practical skills. Candidates are tested across three domains: Cloud Computing Concepts (42%), Cloud Service Support (33%), and Cloud Governance (23%), ensuring a balanced assessment of technical and governance competencies relevant to modern cloud environments.
This certificate is ideal for students, recent graduates, and early-career IT professionals who want to establish a verified foundation in cloud computing. It is particularly well-suited for individuals who are new to IT or transitioning into cloud-related roles such as cloud analyst, cloud support specialist, or cloud security consultant.
Teams and organizations seeking to upskill employees on cloud fundamentals will also find this certificate valuable. Because there are no prerequisites, it is accessible to anyone motivated to demonstrate cloud competency, regardless of prior certifications or formal education in technology.
There are no formal prerequisites for the ISACA Cloud Fundamentals Certificate. Candidates can register for the exam at any time without needing to hold prior certifications or meet specific experience requirements.
While no prerequisites are mandated, candidates are expected to have at least a general familiarity with IT concepts. ISACA recommends using official preparation resources — including the self-guided online review course, hands-on lab package, and the official study guide — to build the practical and conceptual knowledge needed to pass the performance-based components of the exam.
The Cloud Fundamentals exam is computer-based and delivered as a remotely proctored online exam with a 2-hour (120-minute) time limit. It blends two question types: traditional multiple-choice (knowledge-based) questions and performance-based questions set within a virtual lab environment, which test hands-on application of cloud skills rather than purely theoretical recall.
Candidates must earn a passing score of 65% or higher. Exam eligibility is valid for 12 months from the date of registration, and appointments can be scheduled as early as 48 hours after payment. Rescheduling is permitted without penalty if done at least 48 hours before the scheduled appointment. The specific total number of questions is not published by ISACA.
The ISACA Cloud Fundamentals Certificate serves as a recognized entry point into cloud-focused roles, validating skills that are increasingly demanded as organizations accelerate cloud adoption. Job roles accessible with this credential include cloud analyst, cloud support specialist, and cloud security consultant, in both private sector technology firms and public sector agencies that use ISACA credentials as hiring benchmarks. Lightcast data cited by ISACA indicates that CET-related skills — the family this certificate belongs to — command salary premiums of up to US $15,000, with entry-level certified professionals typically earning between $65,000 and $80,000 annually.
Demand for cloud computing security skills specifically is projected to grow 90% over the next five years, making a foundational cloud credential an investment with long-term career relevance. Compared to vendor-specific foundational certifications such as AWS Cloud Practitioner or Microsoft Azure Fundamentals, the ISACA Cloud Fundamentals Certificate differentiates itself by emphasizing governance, risk, and compliance alongside technical concepts — a combination well-aligned with compliance-heavy industries such as finance, healthcare, and government.
5 sample questions with answers and explanations. Start a practice session to test yourself across all 600 questions.
Preview — answers shown1. A multinational corporation needs to ensure cloud service availability of 99.99 percent according to their SLA. How much total downtime is acceptable per year? (Select one!)
Explanation
99.99 percent availability, also known as four nines, allows approximately 52 minutes 36 seconds of downtime per year. This is calculated as 0.01 percent of total annual time. 8 hours 46 minutes corresponds to 99.9 percent availability with three nines. 4 hours 23 minutes corresponds to 99.95 percent availability. 5 minutes 15 seconds corresponds to 99.999 percent availability with five nines, which exceeds the stated requirement and would be significantly more expensive to achieve.
2. A software company develops applications that execute code in response to HTTP requests, message queue events, and database changes. The code runs in stateless compute instances with automatic scaling, and the company pays only when functions execute. Which service model is being used? (Select one!)
Explanation
Function as a Service (FaaS) is an event-driven serverless computing model where code runs in stateless compute instances triggered by specific events like HTTP requests, message queues, or database changes. FaaS features automatic scaling and pay-per-execution pricing. Platform as a Service provides development environments but requires managing application lifecycle. Container as a Service focuses on container orchestration. Software as a Service delivers complete applications, not individual functions. FaaS is a subset of serverless computing designed for event-driven execution.
3. A cloud architect designs network security for a VPC deployment. The design requires stateless filtering at the subnet level with explicit allow and deny rules evaluated in numbered order. Which security control meets these requirements? (Select one!)
Explanation
Network Access Control Lists are stateless security controls that operate at the subnet level in VPC environments. NACLs support both allow and deny rules and process rules in numbered order from lowest to highest. Security Groups are stateful and operate at the instance level without numbered rule ordering or explicit deny capabilities. Web Application Firewalls operate at Layer 7 for HTTP/HTTPS traffic protection, not general network filtering. IAM policies control access to AWS resources and APIs, not network traffic. The stateless nature of NACLs means return traffic must be explicitly allowed, and the numbered rule evaluation provides precise control over traffic filtering at subnet boundaries.
4. A global organization stores customer data in cloud storage across multiple geographic regions. Regulations require that data belonging to European customers remain within European Union jurisdictions. Which cloud compliance concept does this requirement address? (Select one!)
Explanation
Data sovereignty refers to the legal jurisdiction and regulatory requirements governing data based on its physical location, requiring organizations to ensure data remains within specific geographic boundaries to comply with regional laws and regulations. This is particularly relevant for GDPR and other regional data protection laws. Encryption at rest protects data confidentiality but does not address jurisdictional location requirements. Data loss prevention prevents unauthorized data exposure but does not control geographic data location. Data classification categorizes data by sensitivity but does not enforce geographic storage requirements necessary for sovereignty compliance.
5. A cloud governance committee evaluates service reliability metrics. The provider commits to 99.95% availability in the customer contract. Internal monitoring shows actual uptime of 99.97%, and the provider sets internal targets of 99.98% to maintain buffer above contractual obligations. Which terms correctly identify these three metrics? (Select one!)
Explanation
Service Level Agreement is the contractual commitment to customers, which is the 99.95% guaranteed availability. Service Level Indicator is the actual measured performance, represented by the 99.97% observed uptime. Service Level Objective is the internal target the provider sets to maintain buffer above SLA commitments, which is the 99.98% goal. SLOs are typically set higher than SLAs to create error budgets and prevent SLA breaches. The hierarchy flows as: SLA defines customer promises, SLO defines internal targets, SLI measures actual performance.
Certified Information Security Manager (CISM)
CISM · 1196 questions
Certified Information Systems Auditor (CISA)
CISA · 895 questions
Certified in Risk and Information Systems Control (CRISC)
CRISC · 761 questions
Certified Data Privacy Solutions Engineer (CDPSE)
CDPSE · 749 questions
IoT Fundamentals Certificate
IoT-Fund · 630 questions
IT Audit Fundamentals Certificate
IT-Audit-Fund · 627 questions
$17.99
One-time access to this exam