Exam AWS Certified Cloud Practitioner topic 1 question 62 discussion

Shared Controls – Controls which apply to both the infrastructure layer and customer layers, but in completely separate contexts or perspectives. In a shared control, AWS provides the requirements for the infrastructure and the customer must provide their own control implementation within their use of AWS services. Examples include: Patch Management – AWS is responsible for patching and fixing flaws within the infrastructure, but customers are responsible for patching their guest OS and applications. Configuration Management – AWS maintains the configuration of its infrastructure devices, but a customer is responsible for configuring their own guest operating systems, databases, and applications. Awareness & Training - AWS trains AWS employees, but a customer must train their own employees.

https://aws.amazon.com/compliance/shared-responsibility-model/ Shared Controls – Controls which apply to both the infrastructure layer and customer layers, but in completely separate contexts or perspectives. In a shared control, AWS provides the requirements for the infrastructure and the customer must provide their own control implementation within their use of AWS services. Examples include: Patch Management – AWS is responsible for patching and fixing flaws within the infrastructure, but customers are responsible for patching their guest OS and applications. Configuration Management – AWS maintains the configuration of its infrastructure devices, but a customer is responsible for configuring their own guest operating systems, databases, and applications. Awareness & Training - AWS trains AWS employees, but a customer must train their own employees.

Option B and OPtion C - Shared controls in AWS are patch managment and Cloud awareness and training . AWS SOLE responsibility - Physical and envirinmental controls Shared responsibility between AWS and customer 1. Patch manangement 2. Cloud awareness and traning 3. Configuration management Customer sole responsibility - Zone security

The shared controls in AWS are Patch Management and Cloud awareness and training Physical and envorionmental controls - it is a whole and sole AWS responsibility Patch Management - shared between AWS and customer .. AWS patched the infrastructure and Customer patches their guest OS Cloud awareness and training - shared between AWS ans customer - AWS trains AWS employees and customer will train their own employees ZONE Security - Customer responsibility Application data encryption - Customer responsibility

Patch management and Cloud awareness and training

BC. Shared Controls – Controls which apply to both the infrastructure layer and customer layers, but in completely separate contexts or perspectives. In a shared control, AWS provides the requirements for the infrastructure and the customer must provide their own control implementation within their use of AWS services. Examples include: Patch Management – AWS is responsible for patching and fixing flaws within the infrastructure, but customers are responsible for patching their guest OS and applications. Configuration Management – AWS maintains the configuration of its infrastructure devices, but a customer is responsible for configuring their own guest operating systems, databases, and applications. Awareness & Training - AWS trains AWS employees, but a customer must train their own employees.

The AWS shared responsibility model outlines the distribution of responsibilities between AWS and the customer when it comes to security and compliance. In this model, the following IT controls are shared: B. Patch management: The responsibility for patch management is shared. AWS is responsible for patching and maintaining the underlying infrastructure, while customers are responsible for patching their own applications and operating systems. C. Cloud awareness and training: This is a shared responsibility as well. AWS provides security recommendations, best practices, and resources, but customers are responsible for ensuring that their staff is trained and aware of cloud security best practices.

B. Patch management C. Cloud awareness and training

Shared Controls: Patch Management; Configuration Management; Awareness & Training and Customer Specific. by: https://aws.amazon.com/compliance/shared-responsibility-model/ P.S: Physical and Environment Controls is a Inherited Controls.

My Answer is A and C. A. Physical and environmental controls Both AWS and the customer share responsibility for physical security and environmental controls. AWS is responsible for securing the underlying infrastructure of data centers and edge locations, while the customer is responsible for physical security controls within their own environment. C. Cloud awareness and training While AWS provides a secure infrastructure, customers are responsible for how they use AWS services securely. This includes educating their teams on AWS best practices and security measures, making cloud awareness and training a shared responsibility. The other options: B. Patch management Patch management is primarily the responsibility of the customer. Customers are responsible for patching the operating systems, applications, and software they deploy on AWS services.

B. Patch management C. Cloud awareness and training

A. Physical and environmental controls: AWS is responsible for providing and maintaining the physical infrastructure and environmental controls of their data centers. This includes measures such as physical access controls, power and cooling, and facility security. However, customers are responsible for implementing their own physical security measures for their own resources deployed on AWS. B. Patch management: AWS is responsible for patching and maintaining the underlying infrastructure and host operating systems of their services. This ensures that the infrastructure is protected from known vulnerabilities. On the other hand, customers are responsible for patching their own applications, operating systems, and virtual machines (EC2 instances) that they deploy on AWS.

B. Patch management C. Cloud awareness and training

A. Physical and environmental controls B. Patch management

A,B are the possible correct options

AB A. Physical and environmental controls: AWS is responsible for ensuring the security and protection of the physical infrastructure of their data centers, including measures like access controls, surveillance, and environmental safeguards. However, customers also play a role in implementing physical and environmental controls within their own premises or within their applications running on AWS. B. Patch management: AWS is responsible for patching and securing the underlying infrastructure and host operating system. However, customers are responsible for managing the patches and updates for their own applications, virtual machines, or containers running on the AWS infrastructure

This question is confisung. According to the doc, it should be A B C https://aws.amazon.com/compliance/shared-responsibility-model/