Under the Shared Responsibility model where there is an application that consumes multiple third-party cloud services, what is one of the main goals of the assessor?
- Confirm what certifications the cloud provider holds.
- Determine the organization treats vulnerabilities and incidents.
- Establish whether the organization has identified security controls of the cloud provider.
- Document what third-party applications are used.
*I will post the answer next week :)
------------------------------
Jenna Morrison
Training Department Intern
Cloud Security Alliance
------------------------------