Exam 312-49v10 topic 1 question 715 discussion

(A) ❌ Physical infrastructure and foundational services Managed entirely by AWS (not the customer). (B) ✅ Network configuration of the container services Customer's responsibility — misconfigured security groups, open ports, or public IPs are common breach vectors. (C) ❌ Data management and firewall configuration Partially correct, but abstract concepts, and less container-specific than option B — this overlaps with general cloud storage. Also, AWS doesn't have a traditional firewall for containers; instead, security groups and network ACLs are used. (D) ❌ Application platform and OS security For fully managed services like Fargate or EKS control plane, OS-level security is abstracted by AWS. ----- If you agree: UPVOTE this post to add your vote to the community tally. If you disagree: discuss with citations Both actions crowdsource best answers.

he primary security aspects that were likely managed by the company and not by AWS, which the investigator should first focus on, are: B. Network configuration of the container services D. Application platform and Operating System (OS) security Since the focus is on aspects managed by the company, the correct answer from the provided options would be: B. Network configuration of the container services

For container services such as Amazon RDS, Amazon EMR, and Amazon Elastic Beanstalk, AWS manages the application platform and OS along with the basic infrastructure. Customers here are responsible for data management and firewall configuration that grant them access to the selected container service.