Exam AWS Certified Cloud Practitioner CLF-C02 topic 1 question 79 discussion

Generally I don’t like the context of this question. B. could also mean network ACLs, not just security groups at the instance level.

B. Configure firewalls and networks: This is a customer responsibility. Customers have control over configuring security groups, network access control lists (ACLs), and other network-related configurations to control traffic to and from their resources.

B. Configure firewalls and networks: This is a customer responsibility. Customers have control over configuring security groups, network access control lists (ACLs), and other network-related configurations to control traffic to and from their resources.

A. Maintain the security of the AWS Cloud: This is a shared responsibility between AWS and the customer. AWS is responsible for the security of the cloud (such as infrastructure, hardware, software, and facilities), while the customer is responsible for security in the cloud (such as data, identity and access management, applications, etc.). B. Configure firewalls and networks: This is a customer responsibility. Customers have control over configuring security groups, network access control lists (ACLs), and other network-related configurations to control traffic to and from their resources. C. Patch the operating system of Amazon RDS instances: This is not the responsibility of the customer for Amazon RDS. AWS manages the patching of the underlying operating system for RDS instances. Customers are responsible for patching the databases and application software, but not the OS. D. Implement physical and environmental controls: This is a customer responsibility. Customers are responsible for implementing physical security controls to secure their own content, platforms, applications, systems, and networks

https://aws.amazon.com/compliance/shared-responsibility-model/

B for sure

B is correct