For the AWS Shared Responsibility Model, which of the following responsibilities is NOT a part of shared controls by both customer and AWS?
Click on the arrows to vote for the correct answer
A. B. C. D.Correct Answer - C.
The global AWS infrastructure including the hardware, software, networking, and facilities is the responsibility of AWS, not the responsibility of the Customer.
Option A is incorrect.
AWS is responsible for patching resources within AWS infrastructure, while customers are responsible for patching guest OS and applications.
Option B is incorrect.
AWS is responsible for configuring resources within AWS infrastructure, while customers are responsible for configuring their guest OS, databases and applications.
Option D is incorrect.
AWS trains for AWS employees while the customer is responsible for training employees within their organizations.
For more information on the Shared responsibility model, refer to the following URL:
https://aws.amazon.com/compliance/shared-responsibility-model/The AWS Shared Responsibility Model outlines the security responsibilities between AWS and the customer. In this model, AWS is responsible for the security "of" the cloud, meaning the underlying infrastructure that runs AWS services. On the other hand, customers are responsible for security "in" the cloud, meaning the security of the data and applications they run on the AWS infrastructure.
Both AWS and the customer share certain security responsibilities, known as "shared controls." These shared controls require a collaborative effort between AWS and the customer to ensure the security of the overall system. The shared controls include:
A. Patch Management: This involves applying patches and updates to the operating system, applications, and software used by both AWS and the customer. AWS is responsible for patching the underlying infrastructure, while the customer is responsible for patching their own applications and software.
B. Configuration Management: This involves configuring security settings for both AWS and customer resources. AWS is responsible for securing the infrastructure, while the customer is responsible for configuring their own resources according to AWS best practices.
D. Training: This involves training personnel to maintain and manage the security of the system. Both AWS and the customer are responsible for training their own personnel on security best practices and procedures.
Answer C is not a part of shared controls by both customer and AWS. This is because the global infrastructure that runs AWS Cloud services is solely the responsibility of AWS. AWS designs, builds, and operates its infrastructure, including data centers, networks, and hardware, to ensure the security, availability, and resiliency of its services. Customers do not have access or control over the global infrastructure that runs AWS Cloud services, and are not responsible for it.
In summary, the AWS Shared Responsibility Model involves shared controls between AWS and the customer, with each party responsible for specific security aspects. Patch management, configuration management, and training are examples of shared controls, while the global infrastructure that runs AWS Cloud services is solely the responsibility of AWS.