Which type of control should be used to implement custom controls that safeguard data?

The correct answer is the application level because it refers to the implementation of security measures directly within software applications to protect data. Custom controls at this level allow developers to tailor security features based on specific application requirements and business needs. This can include authentication mechanisms, data encryption methods, and access management policies that are integrated into the application itself, ensuring that data is safeguarded during processing, storage, and transmission.

Utilizing application-level controls enables more granular and context-specific security measures that can effectively respond to unique threats that might arise within that particular application. This is especially crucial in cloud environments where data is not only stored but also processed across various services and applications. By creating custom controls at this level, organizations can better align their security practices with their overall risk management strategies.

The other options, while relevant to security practices, do not specifically address the implementation of custom controls tailored for data safeguarding in the same direct manner as application-level controls do. For instance, public and internal sharing and options for access pertain to how data is shared or who can access it, but they do not inherently provide mechanisms for safeguarding data through custom controls. Similarly, the management plane focuses on the administration and oversight of cloud resources rather than the specific protections applied to the data itself within applications