A security team is assessing an application running in a cloud-based environment. The organization shares responsibilities with a hosting provider. Which step must the organization complete before testing begins?
Provide environment logs directly from the host infrastructure
Have the hosting provider sign a letter of intent
Document and test third-party hardware configurations
Ensure operating system patches are applied to virtual machines
The organization is tasked with handling updates that impact systems it controls, such as operating system patches. Even if the underlying hardware is managed by the hosting company, the organization retains responsibility for keeping their OS layer up to date. Other options focus on actions that do not pertain to the organization’s duties in applying OS-level fixes, or they are tasks managed by the hosting provider.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the difference between the organization's responsibilities and the hosting provider's responsibilities in a shared responsibility model?
Open an interactive chat with Bash
Why is applying operating system patches critical in a cloud-based environment?
Open an interactive chat with Bash
How can organizations ensure they stay compliant with their security responsibilities in cloud environments?