During scoping for a penetration test of a client's web service deployed on a public Platform-as-a-Service (PaaS) such as AWS Elastic Beanstalk or Azure App Service, you must define security responsibilities. According to the standard cloud shared responsibility model for PaaS, which component remains chiefly under the customer's control and must therefore be included in the test plan?
Patching and hardening the operating system kernel on the platform hosts
Physical access control to the cloud provider's data center facilities
The hypervisor that runs the provider's virtual machines and containers
The application code and the data stored or processed by the workload
In a PaaS environment the cloud provider operates and secures the underlying facilities, physical network, virtualization layer, and the operating system that supports the runtime. The customer's obligations begin above the platform layer; they are responsible for securing their own application logic, configuration, and any data they store or process in the service. Hypervisor hardening, physical security, and guest OS patching are handled by the provider and fall outside the customer's direct control and testing scope.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the cloud shared responsibility model in PaaS?
Open an interactive chat with Bash
Why is the customer responsible for securing application code and data in PaaS?
Open an interactive chat with Bash
How do customers secure their applications and data in PaaS environments?
Open an interactive chat with Bash
What is the cloud shared responsibility model?
Open an interactive chat with Bash
What responsibilities does the customer have in a PaaS model?
Open an interactive chat with Bash
How does PaaS differ from IaaS in the shared responsibility model?
Open an interactive chat with Bash
Certified Ethical Hacker (CEH)
Cloud Computing
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .