ISC2 Certified Cloud Security Professional (CCSP) Practice Question
A security assessor is reviewing a new multitenant HR payroll application that employees will access through a browser. The contract specifies that the SaaS provider operates the application code, runtime, operating system, virtualization layer, and physical facilities. Under the standard SaaS shared-responsibility model, which security activity remains primarily the customer's obligation?
Controlling badge access to the data-center racks where the service is hosted
Applying critical security patches to the database engine that supports the service
Classifying the sensitivity of the stored HR and payroll data
Hardening and monitoring the hypervisor hosting the provider's virtual machines
In a SaaS model the provider manages the underlying stack-including physical security, the hypervisor, operating system, database, and even the application itself. The customer still owns governance over its information: defining how sensitive each data set is, setting retention rules, and assigning access controls. Classifying the organization's HR data is therefore a customer responsibility, while patching the database engine, hardening the hypervisor, and controlling physical entry to the data-center are handled by the SaaS provider.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a SaaS shared-responsibility model?
Open an interactive chat with Bash
Why is data classification important in a SaaS environment?
Open an interactive chat with Bash
What security activities are typically managed by a SaaS provider?
Open an interactive chat with Bash
ISC2 Certified Cloud Security Professional (CCSP)
Cloud Concepts, Architecture and Design
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .