AWS Certified Cloud Practitioner — Question 777

Which of the following is a customer responsibility according to the AWS shared responsibility model?

Answer options

• A. Apply security patches for Amazon S3 infrastructure devices.
• B. Provide physical security for AWS datacenters.
• C. Install operating system updates on Lambda@Edge.
• D. Implement multi-factor authentication (MFA) for IAM user accounts.

Correct answer: D

Explanation

Under the AWS shared responsibility model, AWS is responsible for the security of the cloud, which includes safeguarding the physical infrastructure and managed services like Amazon S3 and Lambda@Edge. The customer is responsible for security in the cloud, which encompasses data classification, network traffic configuration, and identity and access management. Configuring MFA for IAM user accounts falls directly under the customer's responsibility for securing access to their resources.