Which term applies to both the infrastructure layer and the customer layers?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Study for the CompTIA SecurityX Test. Equip yourself with comprehensive flashcards and multiple choice questions that include hints and explanations. Gear up for your certification exam!

Multiple Choice

Which term applies to both the infrastructure layer and the customer layers?

Explanation:
In cloud security, some controls span both the infrastructure layer and the customer layer. These are called shared controls because they’re designed to function across the entire stack and typically require collaboration between the cloud provider and the customer to implement and enforce them. The shared responsibility model recognizes that certain protections, while assigned to different parties, affect both sides—for example, coordination during incident response, ongoing vulnerability management, and encryption/key management practices that involve both the provider’s services and the customer’s configurations. This cross-layer applicability and need for joint effort is what makes shared controls the best fit for a term that applies to both layers. Internal Environment isn’t a standard label for cross-layer security controls and focuses more on an isolated area rather than how controls span multiple layers. Vendor viability is a business risk concern, not a security control concept. Risk assessment/risk analysis describes the process of evaluating risk, not a term for controls that apply across layers.

In cloud security, some controls span both the infrastructure layer and the customer layer. These are called shared controls because they’re designed to function across the entire stack and typically require collaboration between the cloud provider and the customer to implement and enforce them. The shared responsibility model recognizes that certain protections, while assigned to different parties, affect both sides—for example, coordination during incident response, ongoing vulnerability management, and encryption/key management practices that involve both the provider’s services and the customer’s configurations. This cross-layer applicability and need for joint effort is what makes shared controls the best fit for a term that applies to both layers.

Internal Environment isn’t a standard label for cross-layer security controls and focuses more on an isolated area rather than how controls span multiple layers. Vendor viability is a business risk concern, not a security control concept. Risk assessment/risk analysis describes the process of evaluating risk, not a term for controls that apply across layers.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy