Cloud Customer Responsibility

C.

Regardless of which cloud-hosting model is used, the cloud customer always has sole responsibility for the governance of systems and data.

The cloud computing service model is divided into three categories: Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). In each of these models, the responsibilities of the cloud provider and the cloud customer differ.

The cloud provider is responsible for the security of the cloud infrastructure in all three service models. However, the cloud customer is responsible for securing their data and applications that they run on top of the cloud infrastructure.

In this context, the answer to the question is D. Application. Regardless of the cloud model used, the customer is solely responsible for securing their applications. This includes ensuring that the applications are configured correctly, that access controls are in place, and that data stored by the application is properly protected.

In SaaS, the provider is responsible for the security of the application and the underlying infrastructure, while the customer is responsible for securing their data. In PaaS, the provider is responsible for the security of the platform and infrastructure, while the customer is responsible for securing their applications and data. In IaaS, the provider is responsible for the security of the infrastructure, while the customer is responsible for securing their applications, data, and operating system.

Governance, on the other hand, is a shared responsibility between the cloud provider and the customer. The provider is responsible for ensuring that their services comply with applicable regulations and standards, while the customer is responsible for managing user access, monitoring for compliance, and reporting any incidents to the provider.