AWS Certified Cloud Practitioner (CLF-C02) — Question 648

To assist companies with Payment Card Industry Data Security Standard (PCI DSS) compliance in the cloud, AWS provides:

Answer options

• A. physical Inspections of data centers by appointment.
• B. required PCI compliance certifications for any application running on AWS.
• C. an AWS Attestation of Compliance (AOC) report for specific AWS services.
• D. professional PCI compliance services.

Correct answer: C

Explanation

AWS provides customers with self-service access to compliance reports, such as the AWS Attestation of Compliance (AOC), through AWS Artifact to prove the underlying infrastructure is compliant. AWS does not permit physical data center inspections for security reasons, nor does it mandate or automatically certify customer-built applications. Under the Shared Responsibility Model, customers remain responsible for securing and certifying their own workloads hosted on AWS.