A. Configure the AWS provided security group firewall: Customers are responsible for configuring and managing security group firewalls to control inbound and outbound traffic to their AWS resources.
B. Classify company assets in the AWS Cloud: Asset classification is typically a customer responsibility as part of their data governance and security practices.
The other options are not accurate in the context of customer responsibilities:
C. Determine which Availability Zones to use for Amazon S3 buckets: This is more of a design decision and falls under the AWS management responsibilities.
D. Patch or upgrade Amazon DynamoDB: Patching or upgrading services like Amazon DynamoDB is managed by AWS. Customers are not responsible for patching or upgrading the underlying infrastructure or services provided by AWS.
E. Select Amazon EC2 instances to run AWS Lambda on: The selection of underlying infrastructure for serverless services like AWS Lambda is managed by AWS. Customers focus on writing and deploying functions without managing the underlying instances.
A&B.
Not C: S3 is available across all AZ's and customer does not choose the AZ.
Not D: Dynamo DB patching is "of the cloud", not "in the cloud", hence is AWS responsibility
Not E: AWS Lambda is a serverless service
According to the AWS shared responsibility model, AWS manages the security of the cloud (infrastructure), while customers are responsible for security in the cloud (how they configure and manage their resources).
A & C
Customer Responsibilities:
Security Group Configuration: customers are responsible for configuring security groups to manage inbound and outbound traffic for your Amazon EC2 instances. This ensures that only authorized traffic reaches your instances.
S3 Bucket Availability Zones: You have the flexibility to decide in which Availability Zones you want to create and manage your Amazon S3 buckets. This allows you to optimize data placement and redundancy based on your specific needs.
BD
B. Classify company assets in the AWS Cloud.
Customers are responsible for classifying and categorizing their data and assets within the AWS Cloud, understanding the sensitivity of the data, and implementing appropriate security measures based on classification.
D. Patch or upgrade Amazon DynamoDB.
Customers are responsible for managing and maintaining the software and configurations of their AWS resources, including applying patches and upgrades to services like Amazon DynamoDB to ensure their security and performance.
Lambda is a serverless service, so you don't have to manage any of the underlying infrastructure. You would not select an instance for it to run on, AWS would do that behind the scenes.
A and C.
A. Configure the AWS provided security group firewall: This is a customer responsibility. Customers are responsible for configuring security groups to control inbound and outbound traffic for their instances.
C. Determine which Availability Zones to use for Amazon S3 buckets: This is also a customer responsibility. Customers decide in which AWS Availability Zones they want to create and manage their S3 buckets.
AB is the answer. The S3 Standard storage class is designed for 99.99% availability. A customer always has to choose the region to store their data. AWS does not move data between regions unless requested to do so by the customer or a valid and binding legal order. That said, customers can not currently choose which AZ their objects are stored in.
This question is tricky: I was choosing A and C before I revealed and researched the answers. You can only choose the region for an s3 bucket, not the AZ. So A and B it is.
B. Classify company assets in the AWS Cloud.
Classifying and identifying company assets, including sensitive data, is a customer responsibility. This involves understanding the nature of the data and applying appropriate security controls.
C. Determine which Availability Zones to use for Amazon S3 buckets.
Customers are responsible for deciding the geographical regions and specific Availability Zones where their resources (such as Amazon S3 buckets) will be deployed.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
TheFivePips
Highly Voted 1 year, 3 months agoachow
Highly Voted 1 year, 3 months agoSir_Kay
Most Recent 2 months agoemmaahmads
2 months, 3 weeks agoAmin_013
4 months, 2 weeks agoaron1621
9 months, 2 weeks agoSegagudi
11 months, 4 weeks agoLinuxChamp
1 year, 2 months agoRuffyit
1 year, 2 months agoevet12
1 year, 3 months agoTheFivePips
1 year, 2 months agoBShelat
1 year, 3 months agostheno
1 year, 4 months agoazhrhsn
1 year, 4 months agoJas14
1 year, 4 months agoolafz
1 year, 3 months agoOripresa
1 year, 4 months agosalthehash
1 year, 4 months agovarunmr2003
1 year, 4 months agoVikJo1978
1 year, 4 months agoFulmi
1 year, 4 months ago