Certificate of Cloud Auditing Knowledge (CCAK) — Question 193

What aspect of SaaS functionality and operations would the cloud customer be responsible for and should be audited?

Answer options

• A. Access controls
• B. Vulnerability management
• C. Source code reviews
• D. Patching

Correct answer: A

Explanation

The correct answer is A, as access controls are typically the responsibility of the cloud customer to manage and ensure proper security measures are in place. Options B, C, and D generally fall under the service provider's responsibilities, as they involve internal security and maintenance aspects of the software.