Certificate of Cloud Security Knowledge (CCSK) — Question 6

How should an SDLC be modified to address application security in a Cloud Computing environment?

Answer options

• A. Integrated development environments
• B. Updated threat and trust models
• C. No modification is needed
• D. Just-in-time compilers
• E. Both B and C

Correct answer: B

Explanation

Option B is correct because updated threat and trust models are essential in addressing security challenges unique to Cloud Computing. The other options do not directly address the necessary modifications for security; for instance, integrated development environments and just-in-time compilers do not specifically relate to the security adaptations needed in the SDLC, while option C incorrectly states that no modifications are necessary.