ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CAS-004 All Questions

View all questions & answers for the CAS-004 exam
Go to Exam

Exam CAS-004 topic 1 question 641 discussion

Actual exam question from CompTIA's CAS-004
Question #: 641
Topic #: 1
[All CAS-004 Questions]

A CRM company leverages a CSP PaaS service to host and publish its SaaS product. Recently, a large customer requested that all infrastructure components must meet strict regulatory requirements, including configuration management, patch management, and life-cycle management. Which of the following organizations is responsible for ensuring those regulatory requirements are met?

  • A. The CRM company
  • B. The CRM company's customer
  • C. The CSP
  • D. The regulatory body
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by Bright07 at March 5, 2025, 1:33 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
f4dbb0f
2 weeks, 3 days ago
Selected Answer: C
🏗️ Shared Responsibility Model (in PaaS): Component Responsibility Physical infrastructure CSP OS, platform, middleware CSP App code, data, and configurations CRM company (SaaS vendor) So when the question specifies "infrastructure components" under a PaaS model, the CSP is responsible for ensuring that these components meet regulatory requirements — not the CRM company directly.
upvoted 1 times
...
Bright07
3 months, 3 weeks ago
Selected Answer: A
The correct answer is A. The CRM company. In a Platform as a Service (PaaS) model, the cloud service provider (CSP) is responsible for managing the underlying infrastructure and platform, but the CRM company (the SaaS provider) is responsible for ensuring that the application and its configuration meet the specific regulatory requirements of their customers. These regulatory requirements typically cover aspects such as configuration management, patch management, and life-cycle management, which are critical for maintaining compliance with industry-specific regulations (e.g., HIPAA, GDPR, PCI DSS). Even though the CSP handles the infrastructure, the CRM company, as the SaaS provider, is responsible for ensuring that its use of the platform complies with those regulations, especially in terms of how they configure, manage, and operate their application.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel