Shared responsibility model

Question 1

Which statement is true regarding the AWS Shared Responsibility Model?
Responsibilities vary depending on the services used.
Security of the IaaS services is the responsibility of AWS.
Patching the guest OS is always the responsibility of AWS.
Security of the managed services is the responsibility of the customer.

Answer 1

Responsibilities vary depending on the services used.

Question 2

Which activity is a customer responsibility in the AWS Cloud according to the AWS shared responsibility model?
Ensuring network connectivity from AWS to the internet.
Patching and fixing flaws within the AWS Cloud infrastructure.
Ensuring the physical security of cloud data centers.
Ensuring Amazon EBS volumes are backed up.

Answer 2

Ensuring Amazon EBS volumes are backed up.

Question 3

Under the shared responsibility model, which of the following is the responsibility of AWS?
Client-side encryption.
Configuring infrastructure devices.
Server-side encryption.
Filtering traffic with Security Groups.

Answer 3

Configuring infrastructure devices.

Question 4

According to the AWS Shared responsibility model, which of the following are the responsibility of the customer? (Choose TWO)
Managing environmental events of AWS data centers.
Protecting the confidentiality of data in transit in Amazon S3.
Controlling physical access to AWS Regions.
Ensuring that the underlying EC2 host is configured properly.
Patching applications installed on Amazon EC2.

Answer 4

Patching applications installed on Amazon EC2.

Question 5

Based on the AWS Shared Responsibility Model, which of the following are the sole responsibility of AWS? (Choose TWO)
Monitoring network performance.
Installing software on EC2 instances.
Creating hypervisors.
Configuring Access Control Lists (ACLs).
Hardware maintenance.

Answer 5

Creating hypervisors.
Hardware maintenance.

Question 6

Using Amazon RDS falls under the shared responsibility model. Which of the following are customer responsibilities? (Choose TWO)
Building the relational database schema.
Performing backups.
Managing the database settings.
Patching the database software.
Installing the database software.

Answer 6

Building the relational database schema.
Managing the database settings.

Question 7

Under the Shared Responsibility Model, which of the following controls do customers fully inherit from AWS? (Choose TWO)
Patch management controls.
Database controls.
Awareness & Training.
Environmental controls.
Physical controls.

Answer 7

Environmental controls.
Physical controls.

Question 8

Which of the following is the responsibility of AWS according to the AWS Shared Responsibility Model?
Securing regions and edge locations.
Performing auditing tasks.
Monitoring AWS resources usage.
Securing access to AWS resources.

Answer 8

Securing regions and edge locations.

Question 9

Who is responsible for scaling a DynamoDB database in the AWS Shared Responsibility Model?
Your security team.
Your development team.
AWS.
Your internal DevOps team.

Answer 9

AWS

Question 10

According to the AWS shared responsibility model, what are the controls that customers fully inherit from AWS? (Choose TWO)
Awareness and Training.
Communications controls.
Data center security controls.
Environmental controls.
Resource Configuration Management.

Answer 10

Data center security controls.
Environmental controls.

Question 11

Which task is AWS responsible for in the shared responsibility model for security and compliance?
Granting access to individuals and services.
Encrypting data in transit.
Updating Amazon EC2 host firmware.
Updating operating systems.

Answer 11

Updating Amazon EC2 host firmware.

Question 12

According to the AWS shared responsibility model what is the sole responsibility of AWS?
Application security.
Edge location management.
Patch management.
Client-side data.

Answer 12

Edge location management.

Question 13

Under the AWS shared responsibility model, which of the following activities are the customer’s responsibility? (Select TWO)
Patching operating system components for Amazon Relational Database Server (Amazon RDS).
Encrypting data on the client-side.
Training the data center staff.
Configuring Network Access Control Lists (ACL).
Maintaining environmental controls within a data center.

Answer 13

Encrypting data on the client-side.
Configuring Network Access Control Lists (ACL).

Question 14

Under the shared responsibility model, which of the following is a shared control between a customer and AWS?
Physical controls.
Patch management.
Zone security.
Data center auditing.

Answer 14

Patch management.

Question 15

What is the AWS customer responsible for according to the AWS shared responsibility model?
Physical access controls.
Data encryption.
Secure disposal of storage devices.
Environmental risk management.

Answer 15

Data encryption

Question 16

Which of the following is the customer’s responsibility under the AWS shared responsibility model?
Patching underlying infrastructure
Physical security
Patching Amazon EC2 instances
Patching network infrastructure

Answer 16

Patching Amazon EC2 instances

Question 17

Which of the following is the customer’s responsibility under the AWS shared responsibility model?
Patching underlying infrastructure
Physical security
Patching Amazon EC2 instances
Patching network infrastructure

Question 18

According to the AWS shared responsibility model who is responsible for configuration management?
It is solely the responsibility of the customer.
It is solely the responsibility of AWS.
It is shared between AWS and the customer.
It is not part of the AWS shared responsibility model.

Answer 18

It is shared between AWS and the customer.

Question 19

Under the shared responsibility model, which of the following tasks are the responsibility of the AWS customer? (Select TWO)
Ensuring that application data is encrypted at rest.
Ensuring that AWS NTP servers are set to the correct time.
Ensuring that users have received security training in the use of AWS services.
Ensuring that access to data centers is restricted.
Ensuring that hardware is disposed of properly.

Answer 19

Ensuring that application data is encrypted at rest.
Ensuring that users have received security training in the use of AWS services.

Question 20

Under the shared responsibility model, which of the following is the customer responsible for?
Ensuring that disk drives are wiped after use.
Ensuring that firmware is updated on hardware devices.
Ensuring that data is encrypted at rest.
Ensuring that network cables are category six or higher.

Answer 20

Ensuring that data is encrypted at rest.

Question 21

Under the shared responsibility model which of the following areas are the customer’s responsibility? (Select TWO)
Firmware upgrades of network infrastructure.
Patching of operating systems.
Patching of the underlying hypervisor.
Physical security of data centers.
Configuration of the security group.

Answer 21

Patching of operating systems.
Patching of the underlying hypervisor.

Question 22

Select TWO examples of the AWS shared controls.
Patch Management.
IAM Management.
VPC Management.
Configuration Management.
Data Center operations.

Answer 22

Patch Management.
Configuration Management.

Question 23

What are AWS shared controls?
Controls that are solely the responsibility of the customer based on the application they are deploying within AWS services.
Controls that a customer inherits from AWS.
Controls that apply to both the infrastructure layer and customer layers.
Controls that the customer and AWS collaborate together upon to secure the infrastructure.

Answer 23

Controls that apply to both the infrastructure layer and customer layers.

Question 24

Under the shared responsibility model, which of the following is a shared control between a customer and AWS?
Physical controls.
Patch management.
Zone security.
Data center auditing.

Answer 24

Patch management.

Question 25

Which statement is true regarding the AWS Shared Responsibility Model?
Responsibilities vary depending on the services used.
Security of the IaaS services is the responsibility of AWS.
Patching the guest OS is always the responsibility of AWS.
Security of the managed services is the responsibility of the customer.

Answer 25

Responsibilities vary depending on the services used.

Question 26

Which of the following is a shared control between the customer and AWS?
Providing a key for Amazon S3 client-side encryption.
Configuration of an Amazon EC2 instance.
Environmental controls of physical AWS data centers.
Awareness.

Answer 26

Awareness.

Question 27

AWS Shared Responsibility Model

Answer 27

AWS Shared Responsibility Model
AWS responsibility - Security of the Cloud
Protecting infrastructure (hardware, software, facilities, and networking) that runs all the AWS services
Managed services like S3, DynamoDB, RDS, etc.
Customer responsibility - Security in the Cloud
For EC2 instance, customer is responsible for management of the guest OS (including security patches and updates), firewall & network configuration, IAM
Encrypting application data
Shared controls:
Patch Management, Configuration Management, Awareness & Training