Certificate of Cloud Auditing Knowledge (CCAK) — Question 21

Which of the following is a cloud-native solution designed to counter threats that do not exist within the enterprise?

Answer options

• A. Policy based access control
• B. Attribute based access control
• C. Rule based access control
• D. Role based access control

Correct answer: B

Explanation

The correct answer, Attribute based access control, is specifically designed to provide flexible access control based on user attributes, which is crucial for addressing external threats. The other options, while valid access control mechanisms, are not specifically tailored to combat threats originating outside the enterprise environment.