nerdexam
EC-Council

312-49V11 · Question #164

312-49V11 Question #164: Real Exam Question with Answer & Explanation

The correct answer is D. The organization uses Identity-as-a-Service (IDaaS) for enforcing authorization rules.. As per the CHFI v11 Cloud Forensics objectives, cloud-based identity and access management solutions that provide Single Sign-On (SSO), Multi-Factor Authentication (MFA), centralized authentication, and fine-grained authorization controls--managed entirely by a third-party provid

Question

During a forensic investigation into a cyberattack that compromised a company's sensitive data, the investigator discovers that the organization uses a cloud-based solution for managing user access across various internal systems. This solution includes features such as Single Sign-On (SSO), Multi-Factor Authentication (MFA), and detailed access controls, all handled by a third- party service provider. The investigator examines logs from the authentication system and compares them with system access patterns to trace the illegal actions during the breach. What type of cloud service deployment is being utilized by the organization?

Options

  • AThe organization uses Desktop-as-a-Service (DaaS) for access controls or authentication
  • BThe organization uses Infrastructure-as-a-Service (IaaS) for managing user access on systems
  • CThe organization uses Platform-as-a-Service (PaaS) to deploy and manage custom-built
  • DThe organization uses Identity-as-a-Service (IDaaS) for enforcing authorization rules.

Explanation

As per the CHFI v11 Cloud Forensics objectives, cloud-based identity and access management solutions that provide Single Sign-On (SSO), Multi-Factor Authentication (MFA), centralized authentication, and fine-grained authorization controls--managed entirely by a third-party provider--are classified as Identity-as-a-Service (IDaaS). IDaaS is a specialized cloud service model designed specifically for identity management, including authentication, authorization, user provisioning, role-based access control, and centralized logging of authentication events. In forensic investigations, IDaaS platforms are critical evidence sources because they generate detailed authentication logs, login timestamps, MFA challenges, IP addresses, device identifiers, and anomaly alerts. These logs allow investigators to correlate user identities with access patterns and trace unauthorized or malicious actions across multiple systems. The CHFI v11 blueprint explicitly differentiates IDaaS from other cloud service models. IaaS focuses on infrastructure resources such as virtual machines and networks, not identity enforcement. PaaS is used for developing and deploying custom applications, which is not indicated here since the authentication is handled by a third party. DaaS delivers virtual desktops and does not inherently manage enterprise-wide authentication and authorization. Therefore, based on the presence of third-party-managed SSO, MFA, centralized access control, and authentication log analysis, the correct answer--fully aligned with CHFI v11 documentation--is Identity-as-a-Service (IDaaS).

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 312-49V11 Practice