Certified Cloud Security Engineer (CCSE) — Question 10

Tom Holland works as a cloud security engineer in an IT company located in Lansing, Michigan. His organization has adopted cloud-based services wherein user access, application, and data security are the responsibilities of the organization, and the OS, hypervisor, physical, infrastructure, and network security are the responsibilities of the cloud service provider. Based on the aforementioned cloud security shared responsibilities, which of the following cloud computing service models is enforced in Tom’s organization?

Answer options

• A. Software-as-a-Service
• B. On-Premises
• C. Infrastructure-as-a-Service
• D. Platform-as-a-Service

Correct answer: D

Explanation

The correct answer is D, Platform-as-a-Service, because it allows the organization to manage applications and data while the cloud provider takes care of the underlying infrastructure. Software-as-a-Service (A) typically involves the provider managing everything, while Infrastructure-as-a-Service (C) refers to a model where the organization would handle more security responsibilities. On-Premises (B) does not apply as it refers to local infrastructure rather than cloud services.