CISSP · Question #580
CISSP Question #580: Real Exam Question with Answer & Explanation
The correct answer is B: Cloud application container within a Virtual Machine (VM). The team wants to maximize the cybersecurity responsibilities handled by the service provider while building new applications, which aligns with using a higher-abstraction cloud service like containers within a managed VM environment.
Question
A development operations team would like to start building new applications delegating the cybersecurity responsibility as much as possible to the service provider. Which of the following environments BEST fits their need?
Options
- ACloud Virtual Machines (VM)
- BCloud application container within a Virtual Machine (VM)
- COn premises Virtual Machine (VM)
- DSelf-hosted Virtual Machine (VM)
Explanation
The team wants to maximize the cybersecurity responsibilities handled by the service provider while building new applications, which aligns with using a higher-abstraction cloud service like containers within a managed VM environment.
Common mistakes.
- A. Cloud VMs (IaaS) still require the customer to manage OS patching, security configurations, and application security, leaving more cybersecurity responsibility with the team.
- C. On-premises VMs place nearly all cybersecurity responsibility on the organization, including physical security, network security, hypervisor, OS, and application layers.
- D. Self-hosted VMs, like on-premises solutions, require the organization to manage the full security stack, providing no delegation of cybersecurity responsibility to a service provider.
Concept tested. Cloud shared responsibility model and service abstraction levels
Reference. https://learn.microsoft.com/en-us/azure/security/fundamentals/shared-responsibility
Topics
Community Discussion
No community discussion yet for this question.