A. Configure the AWS provided security group firewall: Customers are responsible for configuring and managing security group firewalls to control inbound and outbound traffic to their AWS resources.
B. Classify company assets in the AWS Cloud: Asset classification is typically a customer responsibility as part of their data governance and security practices.
The other options are not accurate in the context of customer responsibilities:
C. Determine which Availability Zones to use for Amazon S3 buckets: This is more of a design decision and falls under the AWS management responsibilities.
D. Patch or upgrade Amazon DynamoDB: Patching or upgrading services like Amazon DynamoDB is managed by AWS. Customers are not responsible for patching or upgrading the underlying infrastructure or services provided by AWS.
E. Select Amazon EC2 instances to run AWS Lambda on: The selection of underlying infrastructure for serverless services like AWS Lambda is managed by AWS. Customers focus on writing and deploying functions without managing the underlying instances.
A&B.
Not C: S3 is available across all AZ's and customer does not choose the AZ.
Not D: Dynamo DB patching is "of the cloud", not "in the cloud", hence is AWS responsibility
Not E: AWS Lambda is a serverless service
A & C
Customer Responsibilities:
Security Group Configuration: customers are responsible for configuring security groups to manage inbound and outbound traffic for your Amazon EC2 instances. This ensures that only authorized traffic reaches your instances.
S3 Bucket Availability Zones: You have the flexibility to decide in which Availability Zones you want to create and manage your Amazon S3 buckets. This allows you to optimize data placement and redundancy based on your specific needs.
BD
B. Classify company assets in the AWS Cloud.
Customers are responsible for classifying and categorizing their data and assets within the AWS Cloud, understanding the sensitivity of the data, and implementing appropriate security measures based on classification.
D. Patch or upgrade Amazon DynamoDB.
Customers are responsible for managing and maintaining the software and configurations of their AWS resources, including applying patches and upgrades to services like Amazon DynamoDB to ensure their security and performance.
Lambda is a serverless service, so you don't have to manage any of the underlying infrastructure. You would not select an instance for it to run on, AWS would do that behind the scenes.
A and C.
A. Configure the AWS provided security group firewall: This is a customer responsibility. Customers are responsible for configuring security groups to control inbound and outbound traffic for their instances.
C. Determine which Availability Zones to use for Amazon S3 buckets: This is also a customer responsibility. Customers decide in which AWS Availability Zones they want to create and manage their S3 buckets.
AB is the answer. The S3 Standard storage class is designed for 99.99% availability. A customer always has to choose the region to store their data. AWS does not move data between regions unless requested to do so by the customer or a valid and binding legal order. That said, customers can not currently choose which AZ their objects are stored in.
This question is tricky: I was choosing A and C before I revealed and researched the answers. You can only choose the region for an s3 bucket, not the AZ. So A and B it is.
B. Classify company assets in the AWS Cloud.
Classifying and identifying company assets, including sensitive data, is a customer responsibility. This involves understanding the nature of the data and applying appropriate security controls.
C. Determine which Availability Zones to use for Amazon S3 buckets.
Customers are responsible for deciding the geographical regions and specific Availability Zones where their resources (such as Amazon S3 buckets) will be deployed.
B. Classify company assets in the AWS Cloud: Customers are responsible for classifying their data and determining the appropriate level of protection based on sensitivity, regulatory requirements, etc.
E. Select Amazon EC2 instances to run AWS Lambda on: Customers are responsible for configuring and managing their own resources, including selecting the appropriate instances to run AWS Lambda functions on.
B. Classify company assets in the AWS Cloud: Customers are responsible for classifying their data and determining the appropriate level of protection based on sensitivity, regulatory requirements, etc.
E. Select Amazon EC2 instances to run AWS Lambda on: Customers are responsible for configuring and managing their own resources, including selecting the appropriate instances to run AWS Lambda functions on.
The other options involve tasks that are either AWS responsibilities or shared responsibilities:
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
TheFivePips
Highly Voted 10 months, 3 weeks agoachow
Highly Voted 11 months, 2 weeks agoAmin_013
Most Recent 2 days, 10 hours agoaron1621
5 months agoSegagudi
7 months, 2 weeks agoLinuxChamp
10 months agoRuffyit
10 months, 2 weeks agoevet12
10 months, 3 weeks agoTheFivePips
10 months, 2 weeks agoBShelat
11 months, 1 week agostheno
11 months, 3 weeks agoazhrhsn
12 months agoJas14
12 months agoolafz
11 months, 2 weeks agoOripresa
1 year agosalthehash
1 year agovarunmr2003
11 months, 3 weeks agoVikJo1978
1 year agoFulmi
1 year agoaxat
1 year agoaxat
1 year ago