Certified Cloud Security Professional – CCSP – Question451
Which kind of SSAE audit reviews controls dealing with the organization’s controls for assuring the confidentiality, integrity, and availability of data? A. SOC 1 B. SOC 2 C. SOC 3 D. SOC 4
Correct Answer: B
Explanation:
Explanation: SOC 2 deals with the CIA triad. SOC 1 is for financial reporting. SOC 3 is only an attestation by the auditor. There is no SOC 4.
Please disable your adblocker or whitelist this site!