AWS Certified Cloud Practitioner — Question 653

Which aspect of security is the customer’s responsibility, according to the AWS shared responsibility model?

Answer options

• A. Patch and configuration management
• B. Service and communications protection or zone security
• C. Physical and environmental controls
• D. Awareness and training

Correct answer: B

Explanation

According to the AWS shared responsibility model, service and communications protection (such as configuring firewalls, security groups, and network ACLs) is entirely the customer's responsibility. Physical and environmental controls are managed solely by AWS as part of their infrastructure security. Patch management, configuration management, and awareness training are categorized as shared controls, where both AWS and the customer have distinct roles to play.