o In a PaaS model, the cloud provider manages the underlying infrastructure, including the physical hardware, network, and the operating system (OS) itself. However, the customer is responsible for securing their applications, data, and access controls running on that OS. This includes tasks like patching the operating system with security updates, configuring firewall rules within the application, and implementing access controls.
o A. Network security: The cloud provider is responsible for securing the physical network infrastructure and its underlying components. However, customers are responsible for configuring firewall rules and other network security settings within their applications and environments.
The PaaS customer is responsible for securing its applications, data, and user access. The PaaS provider secures the operating system and physical infrastructure.
C. OS security
Explanation: In a PaaS model, the cloud provider manages the underlying infrastructure, including the hardware and operating system. However, the customer is responsible for securing the applications, data, identities, and configurations within the operating system. This includes tasks such as configuring user access controls, implementing security patches and updates for applications, and securing data stored and processed within the PaaS environment.
In the shared responsibility model for Platform as a Service (PaaS), the responsibility for OS (Operating System) security typically falls on the customer. This includes tasks such as patch management, configuration hardening, and ensuring the security of applications deployed on the PaaS environment. Microsoft Azure, AWS, and Google Cloud all define OS security as part of the customer's responsibilities under their respective shared responsibility models for PaaS.
In a PaaS model, the customer is responsible for securing the application, data, and user access, while the PaaS provider secures the operating system and physical infrastructure. The customer is also responsible for developing, maintaining, and managing data and user access within their applications. The customer is also responsible fo protecting their software codes and other assets developed on the platform.
It can only be C. For example - AWS Elastic Beanstalk and Azure App Service are PaaS - it's not your responsibility to take care of their hosts, network or physical security.
In a shared responsibility model for Platform as a Service (PaaS), the customer’s responsibility is typically A. Network Security.
In a PaaS model, the cloud service provider (CSP) is generally responsible for the infrastructure, including physical hardware, network, and operating system. The customer, on the other hand, is responsible for the security of their own applications and data, which includes network security within their applications. Therefore, the correct answer according to CompTIA best practices is A. Network Security.
Please note that the exact responsibilities can vary depending on the specific terms of service of the PaaS provider. It’s always a good idea to review these terms carefully.
From CloudSecurityAlliance.org:
PaaS (Platform as a Service) - In this model, the CSP is accountable for securing the PaaS platform itself. This includes securing the databases, middleware, development frameworks, runtime environments, and operating systems (OSes). Customers are responsible for developing and maintaining their applications running on the PaaS platform. This includes writing secure code, regularly updating and patching application components and data protection.
It's important to note that the PaaS provider retains responsibility for the underlying infrastructure, runtime, and platform components. This includes aspects such as the operating system, runtime environment, middleware, and physical security of the infrastructure.
Network Security:
Customer Responsibility: Configuring and managing network security settings for applications deployed on the PaaS platform. This includes firewall configurations, network segmentation, and secure communication practices.
A: network security, OS security is the responsibility of the cloud provider
in Pass we have three share responsibility
identity and directory infrastructure
application control
network control
Agree, although in typical comptia fashion none of the answers is truly correct. Unless by network it refers to network controls
https://learn.microsoft.com/en-us/azure/security/fundamentals/shared-responsibility
https://www.redhat.com/en/topics/cloud-computing/iaas-vs-paas-vs-saas
https://cloud.google.com/learn/paas-vs-iaas-vs-saas
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
woohoolou
Highly Voted 1 year, 7 months agojoschmo
Most Recent 4 days, 4 hours agoSteel16
2 weeks agoChiaretta
1 month, 2 weeks agoHereToStudy
6 months ago23169fd
8 months agoisaphiltrick
8 months, 1 week agoshinda
9 months agoddcnsd65
10 months, 3 weeks agoe4af987
11 months, 2 weeks agoElDirec
1 year, 1 month agoCraZee
1 year, 1 month agoCraZee
1 year, 1 month agoCraZee
1 year, 1 month agoDelab202
1 year, 2 months agonuel_12
1 year, 3 months agowizwiz
1 year, 3 months agoAlizadeh
1 year, 7 months ago