Great News!
Many students who study using our platform have reported that a large number of the practice questions here are very similar to those that appear in real exams. View Courses
Many students who study using our platform have reported that a large number of the practice questions here are very similar to those that appear in real exams. View Courses
Due to internal resource constraints, the management team has asked the principal security architect to recommend a solution that shifts partial responsibility for application-level controls to the cloud provider. In the shared responsibility model, which of the following levels of service meets this requirement?
Answer: D. PaaS
In the shared responsibility model, the level of responsibility that the cloud provider assumes depends on the cloud service model. PaaS (Platform as a Service) offers a balanced approach where the provider manages the underlying platform (e.g., operating system, middleware, runtime), while the customer manages the application itself. This allows partial responsibility for application-level controls to be shifted to the cloud provider, which fits the requirement.
Why the others are not correct:
IaaS (Infrastructure as a Service): In IaaS, the cloud provider only manages the infrastructure (e.g., hardware, network, storage), while the customer is responsible for the operating system, middleware, and application. The customer retains more control, meaning the responsibility for application-level controls remains with the customer, so it does not meet the requirement for shifting partial responsibility to the provider.
SaaS (Software as a Service): In SaaS, the provider manages everything, including the application. The customer only uses the service, which means the customer has minimal control over the application. This doesn't meet the requirement for partial responsibility shift because in SaaS, the provider assumes full responsibility for the application.
FaaS (Function as a Service): FaaS is a serverless computing model where the provider manages infrastructure and functions, and the customer manages the function code. Although this abstracts infrastructure management, the customer still has to manage application logic. This is not the best fit for shifting partial responsibility at the application level, as it focuses more on individual functions rather than a broader application management model.
No Payment Cards Needed
Discover a range of courses designed to provide you with the knowledge and skills needed to excel in your chosen field.
You don’t need one month to study and pass your test.
With Prepsaret, it takes you a few days to grasp all the concepts needed to pass your exams
