Certificate of Cloud Auditing Knowledge (CCAK) — Question 67

Which of the following is a detective control that may be identified in a Software as a Service (SaaS) service provider?

Answer options

• A. Network segmentation
• B. Incident management
• C. Privileged access monitoring
• D. Data encryption

Correct answer: C

Explanation

Privileged access monitoring is a detective control that helps identify unauthorized access or misuse of privileged accounts within a SaaS environment. Network segmentation and data encryption are preventative controls, while incident management is more of a response mechanism rather than a direct detective control.