AWS Certified Cloud Practitioner (CLF-C02) — Question 541

Which task is the responsibility of the customer, according to the AWS shared responsibility model?

Answer options

• A. Patch the Amazon DynamoDB operating system.
• B. Secure Amazon CloudFront edge locations by allowing physical access according to the principle of least privilege.
• C. Protect the hardware that runs AWS services.
• D. Use AWS Identity and Access Management (IAM) according to the principle of least privilege.

Correct answer: D

Explanation

Under the AWS shared responsibility model, AWS manages the security 'of' the cloud, which includes physical infrastructure, hardware, and managed services like Amazon DynamoDB. The customer is responsible for security 'in' the cloud, which includes managing access controls and permissions via AWS Identity and Access Management (IAM) using the principle of least privilege.