ISC2 Certified Cloud Security Professional (CCSP) Practice Question
Your company is deploying a new microservice-based application on a public cloud provider's managed PaaS service. The platform automatically provisions and patches the virtual machines, operating systems, middleware, and runtime environment. According to the cloud shared-responsibility model, which security task remains primarily the customer's responsibility and cannot be delegated to the provider?
Regularly applying security patches to the managed database engine that the platform supplies
Implementing input validation and other secure coding controls in the application source code
Maintaining and hardening the host operating system image used by the service
Managing the physical security of the data center where the service runs
In a Platform as a Service (PaaS) offering, the cloud provider assumes responsibility for managing and securing the underlying infrastructure, hypervisor, host operating system, and platform middleware-including patching and hardening those components. Physical security of the data center is also entirely within the provider's domain. However, customers retain full responsibility for anything they deploy or create on top of the platform. That includes their data and the security of their own application code. Implementing secure development practices-such as proper input validation, output encoding, and other application-layer controls-remains the customer's obligation because only the customer can embed these controls within the software they build. The provider cannot secure code it does not author. Therefore, implementing input validation and other secure coding controls in the application source code is the correct choice, while the other tasks fall under the provider's duties in a PaaS environment.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the cloud shared-responsibility model?
Open an interactive chat with Bash
Why is input validation crucial in application security?
Open an interactive chat with Bash
How does PaaS differ from SaaS and IaaS in terms of customer responsibilities?
Open an interactive chat with Bash
ISC2 Certified Cloud Security Professional (CCSP)
Cloud Concepts, Architecture and Design
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .