Certified Cloud Security Professional (CCSP) — Question 131

Which of the following frameworks focuses specifically on design implementation and management?

Answer options

• A. ISO 31000:2009
• B. ISO 27017
• C. NIST 800-92
• D. HIPAA

Correct answer: B

Explanation

ISO 27017 is specifically tailored for cloud security and provides guidelines on the implementation and management of security controls. The other options, while important, focus on broader risk management (ISO 31000:2009), guidelines for information systems (NIST 800-92), and health information privacy (HIPAA), rather than specifically on design implementation.