🔥 3-day streak
ISC2 CCSP — Certified Cloud Security Professional63 / 124
Question 63 of 124
A financial services company is negotiating with a cloud IaaS provider and wants third-party assurance that the provider has implemented cloud-specific security controls beyond the generic information security controls found in ISO/IEC 27002. The procurement team asks the security architect which certification or standard specifically extends the baseline controls with cloud-oriented implementation guidance and additional controls for both providers and customers. Which standard best meets this requirement?
Reviewed for accuracy · Report an issueNext question