As per the CHFI v11 Cloud Forensics objectives , cloud-based identity and access management solutions that provide Single Sign-On (SSO) , Multi-Factor Authentication (MFA) , centralized authentication, and fine-grained authorization controls—managed entirely by a third-party provider —are classified as Identity-as-a-Service (IDaaS) .
IDaaS is a specialized cloud service model designed specifically for identity management , including authentication, authorization, user provisioning, role-based access control, and centralized logging of authentication events. In forensic investigations, IDaaS platforms are critical evidence sources because they generate detailed authentication logs , login timestamps, MFA challenges, IP addresses, device identifiers, and anomaly alerts. These logs allow investigators to correlate user identities with access patterns and trace unauthorized or malicious actions across multiple systems.
The CHFI v11 blueprint explicitly differentiates IDaaS from other cloud service models. IaaS focuses on infrastructure resources such as virtual machines and networks, not identity enforcement. PaaS is used for developing and deploying custom applications, which is not indicated here since the authentication is handled by a third party. DaaS delivers virtual desktops and does not inherently manage enterprise-wide authentication and authorization.
Therefore, based on the presence of third-party-managed SSO, MFA, centralized access control, and authentication log analysis, the correct answer—fully aligned with CHFI v11 documentation—is Identity-as-a-Service (IDaaS) .
Submit