(ISC)2 Certified in Cybersecurity Practice Exam

Which type of cloud computing uses a shared responsibility model?

• A. Private
• B. Hybrid
• C. Public
• D. Community

The correct answer is: Public

The shared responsibility model is primarily associated with public cloud computing. In a public cloud environment, the cloud service provider is responsible for the security of the cloud infrastructure, which includes the physical facilities, servers, networking, and virtualization layer. On the other hand, the customer is responsible for securing their data, applications, and identity within that cloud environment. This model delineates the responsibilities of both parties, ensuring that while the provider manages the overall infrastructure security, the customer has control over their resources and must implement appropriate security measures to protect their specific applications and data. In contrast, private cloud environments are typically owned and operated by a single organization, which means the organization assumes full responsibility for all aspects of security. Hybrid clouds combine both private and public infrastructures, but again, the responsibility model can vary and doesn't fit the standard shared responsibility framework as neatly as public clouds. Community clouds, shared among several organizations with similar interests, follow more of a collaborative approach to responsibility that can differ from the established shared responsibility model of public clouds. Thus, public cloud deployments distinctly emphasize the shared responsibility model, making it the correct answer to the question.