Question 3
Domain 1: Cloud Architecture, Governance, and Risk Management
Which document BEST defines the security responsibilities of a cloud provider versus a cloud customer?
Correct answer: B
Explanation
A service level agreement (SLA) and shared responsibility documentation define who is responsible for security tasks in a cloud model. The SLA sets the provider’s commitments, while shared responsibility documentation explains which controls the customer must manage versus those handled by the provider.
Why each option is right or wrong
A. The cloud provider's marketing brochure
B. The service level agreement (SLA) and shared responsibility documentation
The governing documents for allocating cloud security duties are the service level agreement and the provider’s shared responsibility statement, which together specify who secures the underlying infrastructure and who secures customer-managed assets, configurations, and data. In practice, the SLA is the contractual document that sets the provider’s commitments, while the shared responsibility matrix/documentation identifies the exact control boundaries between provider and customer; without those, the division of duties is not formally defined.
C. A random blog post about cloud security
D. Social media comments about the provider