A company is launching a multi-tier web application on a cloud service platform and wants to ensure that security best practices are followed according to the industry-standard model of shared burden between the cloud service provider and the customer. Which option best identifies the customer's responsibilities in this model?
Both parties are equally responsible for physical data center security and the protection of the network infrastructure.
The provider is responsible for all aspects of security, from physical data centers to the configuration and management of firewalls and operating systems.
The customer must manage physical device security, underlying cloud infrastructure, and complete application stack maintenance.
The customer is tasked with managing the guest operating system, securing the deployed applications, and setting appropriate configurations for the firewall and access controls.