Which of the following is the MOST important cloud-specific risk from the CSP's viewpoint?
Which of the following is the MOST important cloud-specific risk from the CSP's viewpoint?
The most important cloud-specific risk from the Cloud Service Provider's (CSP) viewpoint is the isolation control failure. This pertains to the failure to ensure the separation of resources between different customers or tenants. In a cloud environment, proper isolation is critical to prevent one tenant's data from accessing or affecting another tenant's data. Isolation control failure directly impacts the core multi-tenancy feature of cloud computing, making it a crucial cloud-specific risk.
Management plane, if breached, can lead to the compromise of the entire data center.
Isolation control is the closest thing on here I can think of that would be cloud specific, assuming they are talking about the separation of resources between customers. Management plane exist on-prem as well.
"MOST important cloud-specific risk" Management plane breach can happen in or out of cloud. Isolation control failure specific to cloud. My logic
CSP in this context is "Cloud Service Provider" not "Cloud Specific Risk". The only one that makes sense is isolation failure. Meaning they the CSP failed to provide isolation between tenants.
This is a terrible question. None of these are cloud-specific concerns. They all exist in on-prem setups as well. To be clear, you should absolutely separate the management planes of your systems on-prem as well and have strong security to protect it.
The management plane is the single most significant security difference between traditional infrastructure and cloud computing.
"Management plane breach: Arguably, the most important risk is a management plane (management interface) breach. Malicious users, whether internal or external, can affect the entire infrastructure that the management interface controls." https://www.worthinlife.com/security-risks-for-cloud-computing/
The management plane is the core component of cloud infrastructure that allows the CSP to manage, configure, and control the cloud resources. A breach of the management plane can lead to severe consequences, such as unauthorized access to multiple tenants' data, control over the entire infrastructure, and disruption of services.
Not covered in the official book AFAIK. Mentioned in CSA though.
Source: Verifying each answer against Chat GPT, my experience, other test banks, a written book, and weighing in the discussion from all users to create a 100% accurate guide for myself before I take the exam. (It isn't easy because of the time needed, but it is doing my diligence)
Isolation control failure - means the CSP has failed to protect the customers workloads/data against data breaches. Management plane breach - Means the customer may have exposed their privileged credentials used to manage their cloud portal. The correct answer is: Isolation control failure
Key words "cloud specific risk." Answer is B