Cloud service models are commonly described as stacked layers of responsibility.Software as a Servicedelivers a complete application to the customer, while the provider manages the underlying platform and infrastructure.Platform as a Servicesits one level below SaaS: it provides the managed platform needed to build, deploy, and run applications without the customer having to manage the underlying servers and most core system software.
A defining feature of PaaS is that the provider supplies and manages key platform components such as theoperating system, runtime environment, middleware, web/application servers, and often supporting services like managed databases, messaging, scaling, and patching of the platform layer. The customer typically remains responsible for their application code, configuration, identities and access in the application, data classification and protection choices, and secure development practices. This shared responsibility model is central in cybersecurity guidance because it determines which security controls the provider enforces by default and which controls the customer must implement.
Given the answer options,Operating Systemis the best match because it is a core part of the platform layer that PaaS customers generally do not manage directly. Load balancers and storage can be consumed in multiple models, including IaaS and PaaS, and subscriptions describe a billing approach, not the technical service layer. Therefore, option D correctly reflects what PaaS provides compared to SaaS.
Bottom of Form
Submit