(ISC)2 Certified in Cybersecurity Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the (ISC)2 Certified in Cybersecurity Exam with comprehensive quizzes and extensive question banks. Enhance your skills with detailed explanations and practice tests designed to improve your expertise for the certification exam. Get exam-ready now!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

The security responsibility for IaaS platforms is divided between the vendor and the customer. Who is responsible for maintaining the OS?

Vendor
Customer
Both vendor and customer
Neither

The correct answer is: Customer

In Infrastructure as a Service (IaaS) environments, customers are responsible for managing the operating system (OS) that runs on the virtual machines they provision. This responsibility includes installing, configuring, updating, and patching the OS, as well as any applications that run on it. The IaaS provider typically manages the underlying physical infrastructure, including hardware, networking, and virtualization layers, but the customer's responsibilities begin at the OS level. This division of responsibilities allows customers to have greater control over their deployed environments, enabling them to tailor their OS configurations to meet specific security and operational needs. It is crucial that customers perform regular updates and security patches to their OS to protect against vulnerabilities, which is part of maintaining a secure application environment in the cloud. The vendor, in contrast, focuses on ensuring the infrastructure's availability and security at the physical level, which does not extend to the customer's specific OS instances. This clearly outlines a shared responsibility model, emphasizing that while the vendor provides the necessary resources, the customer must manage their OS to safeguard their applications and data.