Which process verifies untested and untrusted codes in a controlled cloud environment?

The correct process that verifies untested and untrusted code in a controlled cloud environment is sandboxing. This approach involves executing code in an isolated environment, or "sandbox," where the code can run without affecting the rest of the system or other applications. The primary purpose of sandboxing is to provide a safe space to test new or potentially harmful software before it is integrated into the broader environment.

By creating a controlled environment, sandboxing enables security professionals to monitor the behavior of the code, assess its impact, and identify any malicious activities without risking the security of the overall system. This is particularly crucial in cloud environments where multiple users and applications co-exist and where any vulnerabilities can lead to severe consequences.

In contrast, while application virtualization allows applications to run on abstracted environments, it does not specifically address the verification aspect of untrusted code. Data masking is more concerned with protecting sensitive information rather than testing code. Lastly, supply chain management focuses on overseeing and managing the flow of goods and services, which does not directly pertain to verifying untrusted code. Thus, sandboxing stands out as the most effective process for testing and validating untrusted software securely.