← All Interview Questions
Cloud Security Entry Level

What is the shared responsibility model?

S
Situation
Cloud security requires understanding who is responsible for what between provider and customer.
T
Task
Explain the shared responsibility model across IaaS, PaaS, and SaaS.
A
Action
The cloud provider secures the infrastructure OF the cloud. The customer secures what they put IN the cloud. IaaS: customer manages OS, apps, data, network controls. PaaS: customer manages apps and data. SaaS: customer manages data and access. The security responsibility shifts based on service model. AWS, Azure, and GCP each publish their own shared responsibility documentation.
R
Result
This is the most commonly asked cloud security question. Misunderstanding shared responsibility is the leading cause of cloud breaches. Showing you know the nuances across service models demonstrates cloud maturity.

💡 Interview Tips

  • Use specific examples from your experience — generic answers are immediately detected
  • Mention tools, frameworks, and standards by name to demonstrate hands-on knowledge
  • Connect your answer to business outcomes — security exists to protect business value
  • If you lack direct experience, describe how you would approach the scenario methodically

Related Cloud Security Questions

How do you secure Kubernetes?
Senior
What is AWS Security Hub?
Mid
What is Azure Sentinel?
Mid
What is GCP Security Command Center?
Mid
What is CloudTrail logging?
Mid
How do you secure Lambda functions?
Mid