What aspect of Software as a Service (SaaS) functionality and operations would the cloud customer be responsible for and should be audited?
A. Access controls
B. Vulnerability management
C. Patching
D. Source code reviews
Answer: A
Explanation:
According to the cloud shared responsibility model, the cloud customer is responsible for managing the access controls for the SaaS functionality and operations, and this should be audited by the cloud auditor [1][2]. Access controls are the mechanisms that restrict and regulate who can access and use the SaaS applications and data, and how they can do so. Access controls include identity and access management, authentication, authorization, encryption, logging, and monitoring. The cloud customer is responsible for defining and enforcing the access policies, roles, and permissions for the SaaS users, as well as ensuring that the access controls are aligned with the security and compliance requirements of the customer’s business context [1][2].
The other options are not the aspects of SaaS functionality and operations that the cloud customer is responsible for and should be audited.
Option B is incorrect, as vulnerability management is the process of identifying, assessing, and mitigating the security weaknesses in the SaaS applications and infrastructure, and this is usually handled by the cloud service provider [1][2].
Option C is incorrect, as patching is the process of updating and fixing the SaaS applications and infrastructure to address security issues or improve performance, and this is also usually handled by the cloud service provider [1][2].
Option D is incorrect, as source code reviews are the process of examining and testing the SaaS applications’ source code to detect errors or vulnerabilities, and this is also usually handled by the cloud service provider [1][2].
Reference:
1. Shared responsibility in the cloud – Microsoft Azure
2. The Customer’s Responsibility in the Cloud Shared Responsibility Model – ISACA