Honestly, seeing so many people say D, that I trusted, makes me regret trusting their decisions for earlier answers. This is so blatantly C that I am shocked someone made it to this test without knowing it.
D is stating "as a matter of fact". When in reality, you can easily have cloud platforms in which you are in charge of logging/monitoring. PaaS for example. Everything in the end will be defined in the contract or SLA.
Agree.. the verbiage can throw us off sometimes. In AWS, you subscribe to CloudTrail, CloudWatch, and GuardDuty. Now, while AWS actually logs the data, the company will monitor the alerts.
When entering into a public cloud relationship with a service provider, the responsibilities surrounding logging and monitoring are typically specified in the Service Level Agreement (SLA) and contract. These documents delineate the roles and responsibilities of both the cloud service provider and the customer regarding various aspects of the service, including security monitoring and logging. It's crucial to have these duties clearly outlined to ensure proper security measures are followed, and both parties are aware of their respective responsibilities. Therefore, the answer is:
C. Logging and monitoring duties are specified in the SLA and contract.
While customers may have the option to configure and customize logging and monitoring settings to meet their specific needs, the service provider is responsible for the underlying infrastructure and the default monitoring and logging mechanisms.
The SLA and contract will typically define the specific metrics that will be logged and monitored, as well as the frequency and method with which the data will be collected and reported. The SLA may also specify the service provider's response time to any logging or monitoring alerts. In my opinion, SLA is not the best way to describe how logging and monitoring work in a cloud environment or when we are subscribing services to a Cloud provider.
It's scary to see people voting on here that have no idea what they are talking about. When it comes to the cloud there is no 1 right answer here. What if the customer has an IaaS, PaaS, SaaS? The only and obvious answer here is C.
D. Logging and monitoring are done by the service provider.
When using a public cloud service, the responsibility for logging and monitoring typically lies with the service provider. Public cloud service providers have robust logging and monitoring systems in place to ensure the security, performance, and availability of their services.
CompTIA material says SLA
Logging and Monitoring
Again, as part of standard secure software development practices, the API should provide sufficient logging and monitoring. Monitoring should provide alerts when an API is being bombarded with requests in a potential DoS attack, or being subject to multiple authentication or other errors, indicating a potential brute force or fuzzing attack.
Another potential issue is if the cloud provider does not supply access to log files or monitoring tools. This is most likely to be the case with a software as a service model. Requirements for logging and monitoring should be identified at the start of a contract and set out in an SLA with the provider.
CompTIA guide says:
Logging and Monitoring
Another potential issue is if the cloud provider does not supply access to log files or monitoring tools. This is most likely to be the case with a software as a service model. Requirements for logging and monitoring should be identified at the start of a contract and set out in an SLA with the provider.
6 Cloud Monitoring Best Practices
1. Use the Built-in Activity Monitoring
All leading cloud providers can be set to monitor every cloud activity — human, script or API-based — basically at no cost other than the storage used. These cloud activity logs can be sizable and verbose, so most enterprises keep them in the cloud to reduce bandwidth costs, allowing for larger datasets and longer retention.
2. Activate Logging on Everything You Can and Retain It for at Least a Year
In addition to activity logs, the leading cloud providers offer detailed logging for every IaaS/PaaS capability offered — networking, containers, serverless and other services. The best practice is to log everything possible, including network flow logs. This pervasive visibility can be baselined and analyzed for patterns, providing the foundation for behavioral analytics-based threat detection.
When entering a public cloud relationship, before beginning to use a public cloud service, there is an SLA/contract which mentions how the logging and monitoring service works while using the service. You can choose D, but it depends what kind of cloud service you are getting from the public cloud. If you are getting IaaS or PaaS, maybe you are responsible for logging and monitoring, so it is mentioned in the SLA/contract. On SaaS, the service provider provides logging and monitoring, but "AGAIN" it is mentioned in the SLA/contract. So the answer is not D, but C.
I couldn't find any information in my research to support this, but I thought it was odd how in the question the word public was specified for the type of cloud provider. Makes me wonder if companies are allowed to have monitoring privileges in a public environment.
When transitioning over to a cloud solution, an organization may lose visibility of certain points on the technology stack, particularly if it’s subscribing to PaaS or SaaS solutions. Because the responsibility of protecting portions of the stack falls to the service provider, it does sometimes mean the organization loses monitoring capabilities, for better or worse.
Chapman, Brent; Maymi, Fernando. CompTIA CySA+ Cybersecurity Analyst Certification All-in-One Exam Guide, Second Edition (Exam CS0-002) (p. 158). McGraw Hill LLC. Kindle Edition.
I actually don't have a 100% sure answer for this, I would think that the SLA would decide who does the logging and monitoring, could it be that sometimes the organization itself does the logging and monitoring and it doesn't always have to be done by the service provider? The other thing is they are saying that they are about to "go into a relationship", I think that doesn't necessarily mean that the cloud service provider is a cloud SECURITY service provider, they could be providing another cloud service.
If I had to go with an answer it would be C, I'm going with SLA and contract.
wico1337 (Highly Voted, 2 years, 6 months ago)
wico1337 (2 years, 6 months ago)
2Fish (2 years, 1 month ago)
chaddman (Most Recent, 1 year, 6 months ago)
grelaman (1 year, 7 months ago)
grelaman (1 year, 7 months ago)
POWNED (1 year, 9 months ago)
kyky (1 year, 10 months ago)
ksr933 (2 years ago)
Dany_Suarez (2 years, 2 months ago)
gwanedm (2 years, 4 months ago)
Abyad (2 years, 5 months ago)
SolventCourseisSCAM (2 years, 5 months ago)
SolventCourseisSCAM (2 years, 5 months ago)
forklord72 (2 years, 6 months ago)
forklord72 (2 years, 6 months ago)
R00ted (2 years, 6 months ago)
SAAVYTECH (2 years, 7 months ago)
amateurguy (2 years, 7 months ago)
Cizzla7049 (2 years, 7 months ago)