Certified in Risk and Information Systems Control (CRISC) — Question 235

Which of the following BEST protects an organization against breaches when using a software as a service (SaaS) application?

Answer options

• A. Security information and event management (SIEM) solutions
• B. Control self-assessment (CSA)
• C. Data privacy impact assessment (DPIA)
• D. Data loss prevention (DLP) tools

Correct answer: D

Explanation

Data loss prevention (DLP) tools are specifically designed to prevent sensitive data from being lost or misused, making them the best choice for protecting against breaches in SaaS applications. In contrast, SIEM solutions focus on monitoring and analysis of security incidents, CSA pertains to evaluating internal controls, and DPIA is aimed at assessing data protection impacts, none of which provide the direct protective measures that DLP tools offer.