Home › BCA Cloud Computing › cloudcomputing › cloudsecurity › A cloud provider's shared responsibility model o…
A cloud provider's shared responsibility model on IaaS typically states that:
AThe provider secures the underlying physical infrastructure, hypervisor, and host hardware; the customer secures the guest OS, applications, data, and identity configuration
BThe customer must build and operate the datacentre themselves
CNeither side is responsible for security
DThe provider is responsible for everything end-to-end including the customer's app code
Answer & Solution
Correct answer: A. The provider secures the underlying physical infrastructure, hypervisor, and host hardware; the customer secures the guest OS, applications, data, and identity configuration
Standard IaaS responsibility split: provider owns the metal + hypervisor; customer owns the VM stack above. End-to-end provider ownership only happens at SaaS. Self-built datacentre isn't IaaS. "No one" is never the answer.
Related questions
The defense-in-depth model recommends:A workload makes outbound HTTP requests to update some on-prem inventory. The on-prem systAn auditor needs to know who deleted a critical database resource last week. Which type ofWhich security model assumes that no network location is inherently trusted and verifies eAn organisation wants a single sign-on across AWS, Microsoft 365, and Salesforce so users Why is rotating credentials (passwords, access keys, certificates) on a schedule a best prA virtual firewall that controls allowed inbound and outbound traffic on a single VM in a What does the principle of least privilege recommend when assigning permissions in any clo