ISC2 Certified Cloud Security Professional (CCSP) Practice Question
A multinational retailer is moving its customer-loyalty application to a SaaS CRM platform that is hosted in several geographic regions. The provider is ISO 27001 certified, publishes a quarterly SOC 2 Type II report, and offers EU Standard Contractual Clauses for GDPR compliance. According to the shared-responsibility model, which action would most directly reduce residual risk that remains with the retailer (the data controller) but is not mitigated by the SaaS provider?
Subscribe to a continuous-monitoring service that scans the provider's public IP addresses
Enable multi-factor authentication for all employees who log in to the SaaS CRM portal
Purchase cyber-risk insurance that specifically covers a breach at the SaaS provider
Demand that the provider extend its certification scope to include ISO 27701 privacy controls
Under the shared-responsibility model, the SaaS provider is accountable for the security of the service (e.g., infrastructure hardening, availability, many physical and network controls). Identity and access management for the customer's own users, however, remains the customer's duty. Enforcing multi-factor authentication (MFA) for employees directly mitigates the risk of credential compromise and unauthorized access to customer data, a risk that is squarely owned by the retailer.
Cyber-risk insurance transfers financial impact but does not itself reduce the likelihood of a breach.
Requiring the provider to add ISO 27701 controls addresses provider processes, not the customer's residual responsibilities.
External vulnerability scanning of the provider's IP space duplicates provider assurance activities and still leaves the largest customer-side gap, weak user authentication, unaddressed.
ISC2 Certified Cloud Security Professional (CCSP)
Legal, Risk and Compliance