Responsibilities for Maintaining Infrastructure on AWS

Correct Answers: B and D.

The AWS Documentation mentions the following.

Shared Controls - Controls that apply to both the infrastructure and customer layers, but in completely separate contexts or perspectives.

AWS provides the requirements for the infrastructure.

The customer must provide their own control implementation within their use of AWS services in a shared control.

Examples include:

· Patch Management - AWS is responsible for patching and fixing flaws within the infrastructure, but customers are responsible for patching their guest OS and applications.

· Configuration Management - AWS maintains its infrastructure devices' configuration, but a customer is responsible for configuring their own guest operating systems, databases, and applications.

· Awareness & Training - AWS trains AWS employees, but a customer must train their own employees.

Options A and C are incorrect since these are the responsibility of AWS.

For more information on the Shared Responsibility Model, please visit the below URL-

https://aws.amazon.com/compliance/shared-responsibility-model/

As a SysOps Administrator, it is crucial to define clear responsibilities for your team members to ensure effective management and maintenance of the infrastructure on AWS.

When it comes to patch management, it is important to ensure that all software and underlying components are up to date with the latest security patches and updates to avoid potential vulnerabilities. However, there are different layers of infrastructure to consider, and patch management responsibilities can be divided into two main areas:

1. Patch management of the underlying physical servers: This responsibility is typically the responsibility of the AWS data center and is not something that the company's SysOps team needs to handle. AWS ensures that the physical servers are up to date with the latest security patches and updates, so option A is not a relevant responsibility for the company's SysOps team.

2. Patch management of the underlying guest OS for EC2 instance: This responsibility falls on the company's SysOps team as they are responsible for managing the EC2 instances running on AWS. EC2 instances are virtual servers running on top of physical servers managed by AWS. The SysOps team is responsible for managing and patching the guest OS on the EC2 instances, which includes keeping up to date with the latest security patches and updates. Therefore, option B is a relevant responsibility for the company's SysOps team.

Regarding inventory management, it is important to have visibility and control over the infrastructure and resources in use. The responsibilities for inventory management can be divided into two main areas:

1. Inventory management for the underlying infrastructure devices: This responsibility is typically the responsibility of the AWS data center and is not something that the company's SysOps team needs to handle. AWS ensures that the underlying infrastructure devices such as routers, switches, and load balancers are in good condition and functioning properly. Therefore, option C is not a relevant responsibility for the company's SysOps team.

2. Inventory management for the underlying databases: This responsibility falls on the company's SysOps team as they are responsible for managing the RDS Instance running on AWS. The SysOps team is responsible for keeping an inventory of the underlying databases, ensuring they are properly configured, secured, and optimized for performance. Therefore, option D is a relevant responsibility for the company's SysOps team.

In summary, the two relevant responsibilities for the company's SysOps team are B. Patch management of the underlying guest OS for EC2 instance, and D. Inventory management for the underlying databases.