correct - Shared Controls – Controls which apply to both the infrastructure layer and customer layers, but in completely separate contexts or perspectives. In a shared control, AWS provides the requirements for the infrastructure and the customer must provide their own control implementation within their use of AWS services. Examples include:
Patch Management – AWS is responsible for patching and fixing flaws within the infrastructure, but customers are responsible for patching their guest OS and applications.
Configuration Management – AWS maintains the configuration of its infrastructure devices, but a customer is responsible for configuring their own guest operating systems, databases, and applications.
Awareness & Training - AWS trains AWS employees, but a customer must train their own employees.
Answer is correct A and C Configuration Management and Awareness & Training
Patching the AWS RDS is AWS responsibility!
---------------------------------------------------------------
Shared Controls :
1-Patch Management – AWS is responsible for patching and fixing flaws within the infrastructure, but customers are responsible for patching their guest OS and applications.
2-Configuration Management – AWS maintains the configuration of its infrastructure devices, but a customer is responsible for configuring their own guest operating systems, databases, and applications.
3-Awareness & Training - AWS trains AWS employees, but a customer must train their own employees.
REF---------------------
https://aws.amazon.com/compliance/shared-responsibility-model/#:~:text=Shared%20Controls%20%E2%80%93%20Controls,their%20own%20employees.
Shared Controls – Controls which apply to both the infrastructure layer and customer layers, but in completely separate contexts or perspectives. In a shared control, AWS provides the requirements for the infrastructure and the customer must provide their own control implementation within their use of AWS services. Examples include:
Patch Management – AWS is responsible for patching and fixing flaws within the infrastructure, but customers are responsible for patching their guest OS and applications.
Configuration Management – AWS maintains the configuration of its infrastructure devices, but a customer is responsible for configuring their own guest operating systems, databases, and applications.
Awareness & Training - AWS trains AWS employees, but a customer must train their own employees.
https://aws.amazon.com/compliance/shared-responsibility-model/
Awareness and training is a shared responsibility between AWS and its customers. AWS provides security training and awareness resources to its customers, but it is ultimately the responsibility of the customer to ensure that their employees are aware of security best practices and how to implement them.
Configuration management is also a shared responsibility. AWS provides tools and resources to help customers manage their configurations, but it is ultimately the responsibility of the customer to ensure that their configurations are secure.
Patch Management – AWS is responsible for patching and fixing flaws within the infrastructure, but customers are responsible for patching their guest OS and applications.
Configuration Management – AWS maintains the configuration of its infrastructure devices, but a customer is responsible for configuring their own guest operating systems, databases, and applications.
Awareness & Training - AWS trains AWS employees, but a customer must train their own employees.
Two controls that are shared under the AWS Shared Responsibility Model are:
A. Awareness and training: AWS provides guidance and resources to customers for establishing a strong security posture, but it is the customer's responsibility to ensure that their employees and contractors are trained and aware of security policies, procedures, and best practices.
E. Service and communications protection or security: AWS is responsible for the security of the underlying infrastructure that supports its cloud services, while the customer is responsible for securing the applications and data that are deployed on top of that infrastructure. The customer must also protect the communication channels used to access and manage their AWS resources.
Therefore, options A and E are the correct answers.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
asad12
Highly Voted 3Â years, 2Â months agoTecatero2001
3Â years, 2Â months agosandordini
3Â years, 1Â month agotheonlyhero
Highly Voted 2Â years, 11Â months agoBobFar
Most Recent 10Â months, 1Â week agoLinuxChamp
10Â months, 1Â week agoLarryLai
1Â year, 3Â months agofndslike
1Â year, 4Â months agoPranava_GCP
1Â year, 4Â months agoman5484
1Â year, 5Â months agokhanda
1Â year, 5Â months agoRammstein
1Â year, 6Â months agoGuru4Cloud
1Â year, 8Â months agoet_learner
1Â year, 9Â months agoRahul96
1Â year, 10Â months agoSaif93
1Â year, 11Â months agoRedes
2Â years, 1Â month agoJA2018
2Â years, 1Â month agojprat
2Â years, 4Â months ago