Getting Started with Security: Understand Amazon’s Role under AWS Shared Responsibility Model

Learn about Amazon’s responsibilities under the AWS shared responsibility model, including maintaining physical hardware. Discover the delineation between AWS and customer responsibilities for cloud security.

Question

Which is AWS’s responsibility under the AWS shared responsibility model?

A. Granting access to customer data
B. Configuring for public or private access for VPCs
C. Maintaining physical hardware
D. Security group configurations

Answer

C. Maintaining physical hardware

Explanation

Maintaining physical hardware is the responsibility of AWS. Customers do not have access to the physical hardware.

Data encryption, security group configurations and VPC configurations are the responsibility of the customer.

According to the AWS shared responsibility model, maintaining physical hardware is AWS’s responsibility.

The shared responsibility model delineates the security responsibilities between AWS and the customer. Under this model:

AWS is responsible for “security of the cloud” – protecting and securing the infrastructure that runs the cloud services. This includes:

  • Maintaining the physical hardware, data centers, and network infrastructure
  • Ensuring the physical security of data centers against unauthorized access
  • Managing the underlying software, hardware, and networking that runs the cloud services

The customer is responsible for “security in the cloud” – properly configuring and using the AWS services they provision. Customer responsibilities include:

  • Managing access to their data and resources in the cloud
  • Configuring security settings like security groups, network access control lists, and VPC public/private settings
  • Securing applications, platforms, operating systems, and data they run on AWS

In summary, maintaining the physical hardware underlying the cloud infrastructure is the responsibility of AWS, not the customer, under the division of responsibilities in the shared model. The other options (granting data access, VPC public/private settings, and security group configurations) fall on the customer’s side.

The shared responsibility model allows AWS to manage security for the underlying cloud while giving customers flexibility and control over their resources running in the cloud. Understanding this division of responsibilities is critical for using the cloud securely.

Getting Started with Security EDSECUv1EN-US assessment question and answer (Q&A) dump with detailed explanations and references, available free to help pass the Getting Started with Security EDSECUv1EN-US assessment and earn the Getting Started with Security EDSECUv1EN-US badge.