Responsibilities in the Cloud
I've seen that there has always been some confusion or difference of opinion when it comes to who has what responsibility in the cloud.
I'm not here to state anything official, but to just go through what I've observed while studying, and helping others study for the CISSP.
It doesn't matter which source you use to learn about the cloud - if you just know the general concept of why a cloud exists, and how it is utilized, you will be good for the exam.
Hope the video and the PDF helps in your studies, and if you want to add something, leave me a comment!
Some extra notes about the cloud:
One major distinction to note is that you are fully RESPONSIBLE for security in IaaS. The IaaS environment is similar to building your own infrastructure in your office BUT without physical access
When you use SaaS or PaaS, the infrastructure security of your systems is maintained by the cloud service provider
Security is also dependent on the service level agreements, contracts and policies that you put in place before on-boarding. Proper revision of terms of services is critical in SaaS or Paas
Types of Cloud Deployment Models
Types of Cloud Service Models
IaaS - Infrastructure as a Service
PaaS - Platform as a Service
SaaS - Software as a Service