In a multi-level supply chain structure where cloud service provider A relies on other sub cloud services, the provider should ensure that any compliance requirements relevant to the provider are:
A.
passed to the sub cloud service providers based on the sub cloud service providers’ geographic location.
B.
passed to the sub cloud service providers.
C.
treated as confidential information and withheld from all sub cloud service providers.
D.
treated as sensitive information and withheld from certain sub cloud service providers.
Page 64 of CCAK Study Guide
A CSP may not be the sole provider of a cloud service. It can be part of multilevel supply chain structure that includes other (sub) cloud services. The CSP can be a provider and a customer at the same time, which can result in multilevel compliance inheritance.
Example: A well-known SaaS video on-demand provider, Netflix, uses another PaaS and IaaS cloud provider, Amazon Web Services (AWS). Any relevant Netflix compliance requirements should be communicated to AWS.
upvoted 1 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
339dfab
1 month ago