AWS Certified Cloud Practitioner — Question 586

What is an AWS responsibility under the AWS shared responsibility model?

Answer options

• A. Configure the security group rules that determine which ports are open on an Amazon EC2 Linux instance.
• B. Ensure the security of the internal network in the AWS data centers.
• C. Patch the guest operating system with the latest security patches on Amazon EC2.
• D. Turn on server-side encryption for Amazon S3 buckets.

Correct answer: B

Explanation

Under the AWS shared responsibility model, AWS is responsible for securing the infrastructure that runs all of the services offered in the AWS Cloud, which includes physical security and internal data center networking. In contrast, tasks such as managing guest operating system patches, configuring security groups, and enabling encryption are the customer's responsibility. Therefore, ensuring internal network security is a task handled entirely by AWS.