PCCET · Question #112
PCCET Question #112: Real Exam Question with Answer & Explanation
The correct answer is D: both IT administrators and users. In an enterprise SaaS application, security settings are a shared responsibility, with the customer's IT administrators managing organizational policies and individual users being responsible for their own secure usage.
Question
Who is responsible for the security settings in an enterprise SaaS application?
Options
- ASaaS provider
- BIT administrator of the customer organization
- Cuser, typically an employee of the customer organization
- Dboth IT administrators and users
Explanation
In an enterprise SaaS application, security settings are a shared responsibility, with the customer's IT administrators managing organizational policies and individual users being responsible for their own secure usage.
Common mistakes.
- A. While the SaaS provider is responsible for the security of the application and its underlying infrastructure, they do not manage the customer's specific security settings like user roles, permissions, or data configurations.
- B. IT administrators manage many security settings, but end-users also have responsibilities related to their own data, passwords, and actions within the application.
- C. Users have some security responsibilities (e.g., strong passwords, not sharing data), but IT administrators are typically responsible for broader security configurations and policies.
Concept tested. SaaS shared responsibility model
Reference. https://learn.microsoft.com/en-us/azure/security/fundamentals/shared-responsibility
Topics
Community Discussion
No community discussion yet for this question.