Which of the following are aspects of the AWS shared responsibility model? (Select TWO.)

Which of the following are aspects of the AWS shared responsibility model? (Select TWO.)
A . Configuration management of infrastructure devices is the customer’s responsibility.
B. For Amazon S3, AWS operates the infrastructure layer, the operating systems, and the platforms.
C. AWS is responsible for protecting the physical cloud infrastructure.
D. AWS is responsible for training the customer’s employees on AWS products and services.
E. For Amazon EC2, AWS is responsible for maintaining the guest operating system.

View Answer

Answer: A,C

Explanation:

AWS responsibility “Security of the Cloud” – AWS is responsible for protecting the infrastructure that runs all of the services offered in the AWS Cloud. This infrastructure is composed of the hardware, software, networking, and facilities that run AWS Cloud services.

Customer responsibility “Security in the Cloud” C Customer responsibility will be determined by the AWS Cloud services that a customer selects. This determines the amount of configuration work the customer must perform as part of their security responsibilities. For example, a service such as Amazon Elastic Compute Cloud (Amazon EC2) is categorized as Infrastructure as a Service (IaaS) and, as such, requires the customer to perform all of the necessary security configuration and management tasks. Customers that deploy an Amazon EC2 instance are responsible for management of the guest operating system (including updates and security patches), any application software or utilities installed by the customer on the instances, and the configuration of the AWS-provided firewall (called a security group) on each instance. For abstracted services, such as Amazon S3 and Amazon DynamoDB, AWS operates the infrastructure layer, the operating system, and platforms, and customers access the endpoints to store and retrieve data. Customers are responsible for managing their data (including encryption options), classifying their assets, and using IAM tools to apply the appropriate permissions.

Shared_Responsibility_Model_V2