ExamTopics Logo
Mail Us[email protected]
Menu
Isc Discussions
exam questions

Exam CISSP All Questions

View all questions & answers for the CISSP exam
Go to Exam

Exam CISSP topic 1 question 393 discussion

Actual exam question from ISC's CISSP
Question #: 393
Topic #: 1
[All CISSP Questions]

What is the MOST effective way to ensure that a cloud service provider does not access a customer’s data stored within its infrastructure?

  • A. Use the organization’s encryption tools and data management controls.
  • B. Ensure that the cloud service provider will contractually not access data unless given explicit authority.
  • C. Request audit logs on a regular basis.
  • D. Utilize the cloud provider’s key management and elastic hardware security module (HSM) support.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by JohnyDal at Feb. 7, 2023, 4:03 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
JohnyDal
Highly Voted 1 year, 11 months ago
Selected Answer: A
Most secure is to avoid the use and reliance of CSP's key infrastructure and only use internal one.
upvoted 7 times
jackdryan
1 year, 7 months ago
A is correct
upvoted 1 times
...
...
KakekGuru
Most Recent 6 months ago
Selected Answer: A
If it were "efficient" I would choose B.
upvoted 2 times
...
GuardianAngel
11 months ago
Usually the CLOUD service providers have the digital key to the encryption so that they can process a user’s data—for example, by indexing the data for future searches. I'm not sure if that means they have a key to ANY encryption used or only if their cloud native processes are used for encryption. I'm still going with answer A. (encryption), but this article could indicate B is the correct answer. https://thesciencebehindit.org/how-secure-is-data-stored-in-the-cloud/#:~:text=Can%20the%20cloud%20computing%20company,the%20data%20for%20future%20searches.
upvoted 1 times
...
Woo7
11 months ago
Selected Answer: B
most effective on a cloud provider would be through contract.
upvoted 1 times
Woo7
11 months ago
changing to b
upvoted 1 times
Woo7
11 months ago
I mean A
upvoted 2 times
...
...
...
YesPlease
1 year ago
Selected Answer: A
Answer A) https://cpl.thalesgroup.com/faq/data-security-in-the-cloud/how-do-i-ensure-the-cloud-provider-does-not-access-my-data
upvoted 1 times
...
Voxycs
1 year, 3 months ago
I don't like this question. If you have to think like a manager then you go with B since you're concerned with processes and cost. However, A makes more operational sense. ChatGPT says to go with A but I believe the answer is B...
upvoted 2 times
...
benllp_sst
1 year, 4 months ago
Selected Answer: B
B is more effective way, because A will generate extra cost on that and I think the exam more focus on high level consideration.
upvoted 2 times
...
Rollingalx
1 year, 10 months ago
A is correct
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel