Certificate of Cloud Security Knowledge (CCSK) — Question 148

When deploying Security as a Service in a highly regulated industry or environment, what should both parties agree on in advance and include in the SLA?

Answer options

• A. The metrics defining the service level required to achieve regulatory objectives.
• B. The duration of time that a security violation can occur before the client begins assessing regulatory fines.
• C. The cost per incident for security breaches of regulated information.
• D. The regulations that are pertinent to the contract and how to circumvent them.
• E. The type of security software which meets regulations and the number of licenses that will be needed.

Correct answer: A

Explanation

The correct answer is A because establishing metrics for service levels is crucial to ensure compliance with regulatory requirements. Options B, C, D, and E do not address the need for measurable service levels required to meet regulatory standards, which is the primary concern in such environments.