Which duty is the customers responsibility under the AWS shared responsibility model?
What is the AWS Shared Responsibility Model?The AWS shared responsibility model is a concept of dividing responsibilities between AWS and a Customer. Show
The Customer is you. AWS's responsibilities are the security of the cloud. Customer responsibilities are security in the cloud. Shared Responsibility Model VideoW3schools.com collaborates with Amazon Web Services to deliver digital training content to our students. Responsibility of AWSAWS's responsibility is the security of the cloud. AWS manages all infrastructure layers. Some of the infrastructure layers are:
Responsibility of a CustomerCustomers' responsibility is the security of everything they make in AWS Cloud. Customers (you) have complete control over your content. Customer manages AWS services, software, and access to the data. Responsibility differences:
AWS Cloud ExercisesTest Yourself With ExercisesExercise:Fill in the blank Shared responsibility is about security being a responsibility Start the Exercise Question 71 According to the AWS shared responsibility model, who is responsible for managing IAM user access and secret keys? IAM access and secret keys are static, so there is no need to rotate them. The customer is responsible for rotating keys. AWS will rotate the keys whenever required. The AWS Support team will rotate keys when requested by the customer. Answer is The customer is responsible for rotating keys. The customer is responsible for IAM user access and secret keys. Question 72 Who is accountable for security and compliance under the AWS shared responsibility model? The customer is responsible. AWS is responsible. AWS and the customer share responsibility. AWS shares responsibility with the relevant governing body. Answer is AWS and the customer share responsibility. Security and Compliance is a shared responsibility between AWS and the customer. This shared model can help relieve the customer's operational burden as AWS operates, manages and controls the components from the host operating system and virtualization layer down to the physical security of the facilities in which the service operates. Reference: Question 73 What is the customer's responsibility while using Amazon RDS? Patching and maintenance of the underlying operating system. Managing automatic backups of the database. Controlling network access through security groups. Replacing failed instances in the event of a hardware failure. Answer is Controlling network access through security groups. Use security groups to control what IP addresses or Amazon EC2 instances can connect to your databases on a DB instance. When you first create a DB instance, its firewall prevents any database access except through rules specified by an associated security group. Reference: Question 74 Which of the following operational controls do users completely inherit from AWS as part of the AWS shared responsibility model? Security management of data center Patch management Configuration management User and access management Answer is Security management of data center the question is asking what control was AWS FULLY in control of and then the customer inherit full control. All the choices are either shared control or fully under the customer to begin with and A being the only full AWS control. So A is the answer. Reference: Question 75 All AWS users have access to which AWS Trusted Advisor check? Core checks All checks Cost optimization checks Fault tolerance checks Answer is Core checks What does Trusted Advisor check? Trusted Advisor includes an ever-expanding list of checks in the
following four categories: Reference: Question 76 Which of the following is an example of security in the AWS Cloud under the AWS shared responsibility model? Managing edge locations Physical security Firewall configuration Global infrastructure Answer is Firewall configuration The AWS Shared Responsibility Model – This specifies that AWS is responsible for security of the Cloud while the customer is responsible for security 'in' the Cloud. Question 77 Permissions for which of the following are managed by service control policies (SCPs)? Availability Zones AWS Regions AWS Organizations Edge locations Question 78 According to the AWS shared responsibility model, which job is shared between AWS and the customer? Physical and environmental controls Server hardware management and encryption Application security Patch management and configuration management Answer is Patch management and configuration management Shared Controls: Controls which apply to both the infrastructure layer and customer layers, but in completely separate contexts or perspectives. In a shared control, AWS provides the requirements for the infrastructure and the customer must provide their own control implementation within their use of AWS services. Examples include:
Patch Management – AWS is responsible for patching and fixing flaws within the infrastructure, but customers are responsible for patching their guest OS and applications. Reference: Question 79 Which duty is the customer's responsibility while administering AWS Lambda functions under the AWS shared responsibility model? Creating versions of Lambda functions Maintaining server and operating systems Scaling Lambda resources according to demand Updating the Lambda runtime environment Question 80 Which of the following is a duty of the client under the AWS shared responsibility model? (Select two.) Decommissioning of physical storage devices Security group and ACL configuration Patch management of an Amazon RDS instance operating system Controlling physical access to data centers Patch management of an Amazon EC2 instance operating system Answers are; Customers that deploy an Amazon EC2 instance are responsible for management of the guest operating system (including updates and security patches), any application software or utilities installed by the customer on the instances, and the configuration of the AWS-provided firewall (called a security group) on each instance. For abstracted services, such as Amazon S3 and Amazon DynamoDB, AWS operates the infrastructure layer, the operating system, and platforms, and customers access the endpoints to store and retrieve data. Reference: Previous QuestionNext Question Quick access to all questions in this examWhat is a customer responsibility under the AWS shared responsibility model when using AWS Lambda?Shared responsibility
Customers themselves are responsible for the security of their code, the storage and accessibility of sensitive data, and identity and access management (IAM) to the Lambda service and within their function.
What is the responsibility of shared responsibility?Sharing responsibility means not telling people what to do but ensuring that everyone feels personally accountable for the future success of the organisation.
What is AWS shared responsibility model?Security and compliance are shared responsibilities between AWS and the customer. Depending on the services deployed, this shared model can help relieve the customer's operational burden.
Which one is responsible of customer AWS?The Shared Responsibility Model
While AWS manages the security of the cloud, security in the cloud is the responsibility of the customer. Customers retain control of what security they choose to implement to protect their own content, platform, applications, systems and networks.
|