Customer Responsibility under AWS Shared Responsibility Model

Customer Responsibility under AWS Shared Responsibility Model

Question

Which of the following is a customer responsibility under AWS Shared Responsibility Model?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Correct Answer - D.

Under the AWS shared responsibility model, AWS takes care of infrastructure configuration & management while customers must take care of the resources they launched within AWS.

Option A is incorrect.

Amazon S3 is part of the infrastructure layer & Patching of host OS/Configuration for Amazon S3 is responsibility of AWS.

Option B is incorrect.

AWS has the responsibility for the Logical Access controls for the underlying infrastructure.

Option C is incorrect.

Physical Security of the facilities is AWS responsibility.

For more information on Shared responsibility model, refer to the following URL:

https://aws.amazon.com/compliance/shared-responsibility-model

The AWS Shared Responsibility Model defines the division of security and compliance responsibilities between AWS and its customers. AWS is responsible for security "of" the cloud, meaning the underlying infrastructure and services, while customers are responsible for security "in" the cloud, meaning their applications and data running on top of AWS services.

Out of the options given, the customer responsibility under the AWS Shared Responsibility Model is to patch the guest OS deployed on an Amazon EC2 instance. Therefore, the correct answer is option D.

Explanation of each option:

A. Patching of host OS deployed on Amazon S3: Amazon S3 is a storage service that provides object storage in the cloud. It does not support the deployment of host OS, so patching of host OS is not a customer responsibility for Amazon S3.

B. Logical Access controls for underlying infrastructure: The underlying infrastructure of AWS, such as network and storage, is AWS's responsibility. AWS provides customers with access controls to secure their data, but managing access controls is a shared responsibility.

C. Physical security of the facilities: AWS is responsible for the physical security of its facilities, including the data centers and server rooms where its services are hosted.

D. Patching of guest OS deployed on Amazon EC2 instance: Amazon EC2 is a web service that provides resizable compute capacity in the cloud. Customers are responsible for patching the guest operating system running on an EC2 instance to ensure that it is up to date with the latest security patches.

In summary, customers are responsible for managing the security and compliance of their applications and data running on top of AWS services. AWS is responsible for the security and compliance of the underlying infrastructure and services.