PROFESSIONAL-CLOUD-SECURITY-ENGINEER Question #4: Real Exam Question with Answer & Explanation

The correct answer is C: ISO 27017. ISO 27017 is the international standard that provides guidelines specifically for information security controls applicable to the provision and use of cloud services-it extends ISO 27002 with cloud-specific guidance. ISO 27001 defines requirements for an Information Security Mana

Submitted by ashley.k· Apr 18, 2026Ensuring compliance

Question

Which international compliance standard provides guidelines for information security controls applicable to the provision and use of cloud services?

Options

AISO 27001
BISO 27002
CISO 27017
DISO 27018

Explanation

ISO 27017 is the international standard that provides guidelines specifically for information security controls applicable to the provision and use of cloud services-it extends ISO 27002 with cloud-specific guidance. ISO 27001 defines requirements for an Information Security Management System (ISMS). ISO 27002 provides general information security control guidelines not specific to cloud. ISO 27018 focuses on protecting personally identifiable information (PII) in public clouds. Since the question asks about cloud service security controls specifically, ISO 27017 is the correct answer.

Topics

#ISO standards#Cloud security compliance#Information security controls#ISO 27017

Community Discussion

No community discussion yet for this question.

Full PROFESSIONAL-CLOUD-SECURITY-ENGINEER Practice Browse All PROFESSIONAL-CLOUD-SECURITY-ENGINEER Questions