Exam CCAK topic 1 question 201 discussion

A. Infrastructure as a Service (IaaS) Infrastructure as a Service (IaaS) is the cloud service model that recommends building guardrails for developers and DevOps teams. In an IaaS environment, users have significant control over the infrastructure, including virtual machines, storage, and networks. This level of control requires careful management to prevent misconfigurations and ensure security best practices are followed. Building guardrails involves setting up automated policies and controls that guide developers and DevOps teams in deploying resources securely and efficiently within the IaaS environment. These guardrails help prevent errors, enforce compliance with security standards, and optimize resource usage without constraining the flexibility needed for innovation and development. In contrast, PaaS and SaaS models abstract much of the infrastructure management, reducing the need for such guardrails, while SecaaS focuses on delivering security solutions through the cloud.

P# 28 PaaS governance policies should function like guardrails—allow enough freedom to innovate, but make sure that certain security requirements are always met. P# 351 Automation is used to improve overall security operations unrelated to development. Guardrails, for example, are one form of automation that can remediate misconfigurations in cloud deployments. Many organizations are rapidly integrating automation into their incident response playbooks. Although not all of these are directly DevSecOps, they typically involve leveraging the same automation tools and technologies used by traditional DevOps, but in the security context.