Learn which tasks are AWS’s responsibility under the AWS Shared Responsibility Model for the CLF-C02 exam. Understand the division of security responsibilities between AWS and customers.
Table of Contents
Question
In the AWS Shared Responsibility Model, which tasks are AWS’s responsibility? (Select TWO.)
A. Configure IAM
B. Configure EC2 instance security groups
C. Secure access to AWS facilities
D. Apply patches to applications on EC2 instances
E. Maintain infrastructure
Answer
C. Secure access to AWS facilities
E. Maintain infrastructure
Explanation
AWS is responsible for securing physical access to facilities and maintaining infrastructure in the Shared Responsibility Model.
In the AWS Shared Responsibility Model, responsibilities are divided between AWS and its customers to ensure security and compliance. AWS is responsible for managing the security of the cloud, while customers handle security in the cloud.
Tasks That Are AWS’s Responsibility
Secure Access to AWS Facilities (Option C)
AWS ensures physical security at its data centers, including managing access controls, surveillance, and environmental safeguards. This includes securing hardware, networking components, and power systems that support their global infrastructure.
Maintain Infrastructure (Option E)
AWS manages and maintains the underlying infrastructure that powers all its services. This includes hardware, software, networking, virtualization layers, and other foundational elements required to run cloud services securely.
Why These Are AWS’s Responsibilities
AWS operates on a “Security of the Cloud” principle, meaning it handles all aspects of physical infrastructure and global cloud operations. This relieves customers of managing physical servers or facilities while enabling them to focus on configuring their resources securely within the cloud environment.
Tasks That Are NOT AWS’s Responsibility
Configure IAM (Option A): Customers are responsible for setting up Identity and Access Management (IAM) roles, policies, and permissions to secure access to their resources.
Configure EC2 Instance Security Groups (Option B): Customers must configure firewalls (security groups) for their EC2 instances.
Apply Patches to Applications on EC2 Instances (Option D): Customers manage application-level updates and patches for their deployed software.
By understanding this division of responsibilities, you can better prepare for questions on the CLF-C02 exam and ensure effective use of AWS services.
Amazon AWS Certified Cloud Practitioner CLF-C02 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Amazon AWS Certified Cloud Practitioner CLF-C02 exam and earn Amazon AWS Certified Cloud Practitioner CLF-C02 certification.