ISO/IEC 27017 is a security framework specifically focused on the design, implementation, and management of cloud computing security controls. It provides guidelines for cloud service providers (CSPs) and customers to ensure secure cloud environments.
🔹 Why ISO 27017?
Provides best practices for cloud security implementation.
Extends ISO 27002 with cloud-specific security controls.
Addresses shared security responsibilities between cloud providers and customers.
Why Not the Others?
A. ISO 31000:2009 → Focuses on risk management principles, not cloud security implementation.
C. NIST 800-92 → Covers log management and monitoring, not the overall design and implementation of security frameworks.
D. HIPAA → A U.S. regulation for healthcare data privacy and security, not a design or implementation framework.
This section is not available anymore. Please use the main Exam Page.CCSP Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
MaciekMT
1 month, 3 weeks agoAlenKumar
4 months, 1 week agoakg001
2 years, 4 months agoPegasus_orb
2 years, 9 months agoSa007788
3 years, 8 months ago