To address shared monitoring and testing responsibilities in a cloud configuration, which service is typically not provided to the cloud customer?

When managing cloud security, shared responsibility models define the division of security responsibilities between the cloud provider and the customer. In this context, the cloud service provider typically manages the infrastructure, but the customer retains control over certain aspects of security, such as securing their applications and data.

Security control administration is often a responsibility that rests with the cloud customer rather than the provider. This means that while the provider may offer various security measures, the implementation and management of those controls—such as configuring firewalls, managing identity and access management, and ensuring compliance with security policies—are usually tasks for the customer. As a result, cloud customers won't typically receive the direct administration of these security controls from the provider.

In contrast, services related to DLP (Data Loss Prevention) solutions, access to audit logs, and various security information and event management (SIEM) logs are typically provided by the cloud provider as part of their service offerings, enabling the customer to monitor and take action as needed based on that data. These logs and monitoring services are crucial for the customer to maintain visibility into their cloud environment and respond to potential security incidents.