Exam CCSP topic 1 question 379 discussion

IaaS is the answer

Answer A (SaaS) is correct. IaaS normally involve server-side key management systems rather than client-side.

Client-side key management systems are most commonly used by Software as a Service (SaaS) providers

Client-side encryption involves using a software tool to generate and manage encryption keys for securing data. This tool, which can be a standalone application, browser extension, or integrated solution, encrypts and decrypts data locally.

IaaS. B is answer

B: IaaS

I'll go with B because in IaaS, the client is responsible for managing the operating system, middleware, applications, and data.

The cloud service category that most commonly uses client-side key management systems is the SaaS (Software as a Service) category. In a SaaS environment, the cloud provider typically manages the underlying infrastructure and security of the platform, while the customer is responsible for managing their own data and access controls. This means that the customer needs to be able to manage their own encryption keys and ensure that their data is protected both in transit and at rest. Client-side key management systems allow customers to retain control over their encryption keys, even when their data is stored in the cloud. This helps to ensure that their data is protected from unauthorized access or disclosure, while also allowing them to maintain compliance with regulatory requirements. Some examples of SaaS applications that commonly use client-side key management systems include cloud storage services, file sharing applications, and collaboration tools.

B is the correct answer

Should be B.

I dont understand why for PaaS

Remote Key Management Service is where the cloud customer owns, operates and maintains a key management system on premises, and their systems deployed in the cloud connect the KMS Client Side Key Management - similar to Remote Key Management service, except that most of the processing and control is done on the customer/cloud user side. Client side looks to put the customer or cloud user in complete control of encryption and decryption keys. FOR THE EXAM: Client-side Key Management viewed as better