Free Palo Alto Networks Cybersecurity-Apprentice Actual Exam Questions - Question 7 Discussion

D imo, since configuring firewalls is about securing the workloads they run, which the org controls directly. The provider handles the hardware and data center security, but the org needs to set up network protections like firewalls for their VMs. Managing user identities (C) is important too, but sometimes identity management tools are provided by the cloud service itself, so firewall config feels more clearly on the org side here.

This one’s about what the org controls directly. Since A and B are clearly provider’s job, it’s between C and D. Organizations always manage their user accounts and access rights, so I’d say C.

C/D? Managing identities (C) is definitely on the org since they control users, but configuring firewalls (D) is also usually the org’s job to protect their VMs. Both make sense depending on context.

C managing user identities is definitely on the org since they control who gets access; cloud providers don’t manage that part. Firewall setup might be more variable depending on the service level.

It’s D because the cloud provider takes care of the physical infrastructure and data center security, so A and B are definitely off the table. Between C and D, managing user access is part of identity management, but firewall configuration directly controls the security of the organization's own virtual machines, which they have to handle themselves. So D fits better since it’s about securing their workloads specifically.

D imo, since the org usually handles firewall configs for their VMs, while hardware and physical security are on the cloud provider. Identity stuff feels more like a shared thing but mainly on the org side.