AWS Environment

Question 1

A ____ is a physical location in the world that consists of two or more Availability Zones (AZs).

Answer 1

Region

Question 2

An _____ is one or more discrete data centers - each with redundant power, networking, and connectivity - house in separate facilities.

Answer 2

AZ (Availability Zone)

Question 3

____________ are endpoints of AWS that are used for caching content. Typically, this consists of CloudFront, Amazon’s CDN (Content Delivery Network).

Answer 3

Edge Locations

Question 4

Cloud service providers adhere to a _______________, which means your security team maintains some responsibilities for security as you move applications, data, containers, and workloads to the cloud, while the provider takes some responsibility, but not all.

Answer 4

Shared Responsibility Model

Question 5

The _______ is responsible for security IN the cloud.

Answer 5

Customer

Question 6

The ________ is responsible for security OF the cloud.

Answer 6

Cloud Provider or AWS

Question 7

What question can you ask yourself to determine who is responsible for an area of AWS services?

Answer 7

“Can you do this yourself in the AWS Management Console?”

Question 8

In regards of the shared responsibility model, who is responsible for: security groups, IAM users, patching EC2 operating systems, patching databases running on EC2?

Answer 8

Customer / You are.

Question 9

In regards of the shared responsibility model, who is responsible for: management of data centers, security cameras within the data center, cabling, patching RDS operating systems?

Answer 9

AWS

Question 10

Who is responsible for encryption?

Answer 10

Both AWS and the Customer. Encryption is a shared responsibility.