A company is migrating its services to a cloud provider and needs to determine which security controls are managed by them and which are managed by the provider. Which document should they refer to for this information?
The cloud provider's responsibility matrix outlines the division of security responsibilities between the provider and the customer. It specifies which security controls are managed by the provider and which are the customer's responsibility. The service level agreement (SLA) typically covers performance metrics like uptime and availability, not the specifics of security responsibilities. The incident response plan details how incidents are managed but doesn't define the division of security controls. The company's internal policies are important but do not inform them of the provider's responsibilities.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a cloud provider's responsibility matrix?
Open an interactive chat with Bash
How does the shared responsibility model impact cloud security?
Open an interactive chat with Bash
What should be included in a service level agreement (SLA)?