Certificate of Cloud Auditing Knowledge (CCAK) — Question 244

Which of the following principles, when combined with a structured development methodology, would BEST contribute to the consistent introduction of secure and compliant Software as a Service (SaaS) solutions in an organization?

Answer options

• A. Least common mechanism
• B. Security by design
• C. Least privilege
• D. Fail safe defaults

Correct answer: B

Explanation

The correct answer is B, Security by design, as it emphasizes integrating security measures from the outset of the development process, leading to more secure SaaS solutions. Options A, C, and D, while important security concepts, do not specifically focus on the proactive incorporation of security throughout the development lifecycle as effectively as Security by design.