Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Isc Discussions
exam questions

Exam CISSP All Questions

View all questions & answers for the CISSP exam
Go to Exam

Exam CISSP topic 1 question 171 discussion

Actual exam question from ISC's CISSP
Question #: 171
Topic #: 1
[All CISSP Questions]

An organization is considering partnering with a third-party supplier of cloud services. The organization will only be providing the data and the third-party supplier will be providing the security controls. Which of the following BEST describes this service offering?

  • A. Platform as a Service (PaaS)
  • B. Anything as a Service (XaaS)
  • C. Infrastructure as a Service (IaaS)
  • D. Software as a Service (SaaS)
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Cww1 at Sept. 6, 2022, 7:47 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
IT_Guy23
Highly Voted 2 years, 1 month ago
Selected Answer: A
How come all the comments are always so wrong?? If you look it up, in a PAAS, application and data are user managed, while the provider manages the rest. In a SAAS, the user provides nothing. I'm just stunned at these CISSP comments all around.
upvoted 22 times
eboehm
7 months, 2 weeks ago
Love when someone calls out others as wrong when they themselves are very very wrong. If Everything is managed by the provider BUT the data, this is a SAAS. PAAS the customer is still responsible for the Application, and potentially the runtime and middleware as well. They would also be responsible for the code repo and pipeline.
upvoted 3 times
...
splash2357
10 months ago
Examples of PaaS are Google AppEngine, Heroku, AWS lambda, AWS Elastic Beanstalk where you need to bring your own codes. Most of them require you provide your code to the platform and it will help you to run it. The PaaS provider will manage the server and the "executable used to run the code" (sorry for bad english, i dun know the exact term, maybe "runtime"?). You are responsible for the security of the application though. For example, you can upload a python web application (e.g. flask/django) to Google AppEngine/Heroku, you won't need to manage the server (e.g. server hardening, apply server update patches). But you do need to manage the security of your python web app :)
upvoted 3 times
...
Toyeeb
2 years, 1 month ago
In saas, the user provides data. take gmail for example, your mails are your data while the gmail platform is the service you are using.
upvoted 6 times
...
dumdada
1 year, 5 months ago
When you use a SaaS platform like Youtube or Gmail, you provide the Data, the vendor provides EVERYTHING else ...
upvoted 2 times
...
Load full discussion...
...
Joe_Cheng
Highly Voted 2 years, 1 month ago
Selected Answer: D
https://www.ispsystem.com/news/xaas You will know it when you see the photo
upvoted 10 times
SF_NERD
2 years, 1 month ago
This link is the MOST helpful!
upvoted 2 times
...
Vulcan6x9
11 months, 2 weeks ago
the comment on that webpage made me reconsider my thoughts on giving the CISSP exam
upvoted 2 times
...
...
aznbat21
Most Recent 6 months, 2 weeks ago
Selected Answer: D
D is correct. Take a course about cloud and you will know.
upvoted 1 times
...
homeysl
8 months, 1 week ago
Selected Answer: A
PaaS = customer provides code/data and vendor runs it in their cloud
upvoted 1 times
...
GuardianAngel
9 months, 3 weeks ago
SaaS can be something like quicken where they supply the software and security controls, the user with the software subscription just puts their bank account data in quicken using the application to manage it.
upvoted 1 times
...
shmoeee
1 year ago
A is correct: https://res.cloudinary.com/practicaldev/image/fetch/s--9smmBPKg--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_800/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/jkfnnrt8lw0ijnf8hlk1.png
upvoted 1 times
...
shmoeee
1 year ago
A is correct: - https://res.cloudinary.com/practicaldev/image/fetch/s--9smmBPKg--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_800/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/jkfnnrt8lw0ijnf8hlk1.png
upvoted 1 times
...
HappyDay030303
1 year ago
D: 58%, A: 42% Amazing how many cissp questions on here are so evenly split
upvoted 2 times
...
homeysl
1 year, 1 month ago
Selected Answer: D
D. Data of the customer = Saas
upvoted 1 times
...
74gjd_37
1 year, 2 months ago
Selected Answer: A
It is not a PaaS offering because in a PaaS offering, the third-party supplier would provide a platform for the organization to build, test, and deploy their own applications. In this scenario, the organization is only providing data and is not responsible for building, testing, or deploying any applications. The third-party supplier is also responsible for providing the security controls, which is a component of the software service that the organization will be using. Therefore, it is a SaaS offering rather than a PaaS offering.
upvoted 1 times
...
[Removed]
1 year, 2 months ago
D. Software as a Service (SaaS)
upvoted 1 times
...
BoyBastos
1 year, 2 months ago
Selected Answer: A
A is correct
upvoted 1 times
...
MShaaban
1 year, 3 months ago
I would say A. PaaS, the question is tricky, they said the organisation would provide the data while the cloud provider will provide security controls. Not Software, which means they are just using the cloud provider storage which is a sample of PaaS.
upvoted 2 times
...
Yokota
1 year, 4 months ago
Selected Answer: D
In Software as a Service (SaaS), the service provider hosts and manages software applications, making them accessible to users over the internet. The organization only needs to provide their data or content, while the service provider takes care of the underlying infrastructure, including security controls, updates, and maintenance of the software.
upvoted 2 times
...
NJALPHA
1 year, 7 months ago
The key difference is that SaaS offers a finished workload, while PaaS offers the tools needed to help a business create and manage its own workload -- form available options here SAAS makes more sense for instance office 365 all data related to ADS records identities data are first migrated to AZURE & further from those migrated ADS account mailboxes can be created & same logins can be used for OneDrive/ teams login SSO / MFA via MS authenticator app
upvoted 1 times
...
Jung1999
1 year, 8 months ago
What about the (XaaS)? It seems XaaS include all service from IaaS, SaaS and PaaS but, from in my result of search about XaaS, we can use what only we want. So I think, through the XaaS, we can only subscribe or purchase only code and third-party supplier services as regarding in this question.
upvoted 1 times
Jung1999
1 year, 8 months ago
It's not clear. But I just think about how about XaaS. To be honest when I look around my study book about CISSP, there is no mention about XaaS. Okay. So If XaaS is not the answer then I will go to second choice, the PaaS
upvoted 1 times
...
...
Dee83
1 year, 10 months ago
D. Software as a Service (SaaS) Software as a Service (SaaS) is a cloud computing model in which a third-party supplier provides software applications over the internet on a subscription basis. The organization is only providing the data, and the third-party supplier is providing the security controls, which is a characteristic of a SaaS model. In SaaS, the supplier provides the infrastructure, software, and security controls, while the customer provides the data and access to the service.
upvoted 1 times
...
Load full discussion...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel