AWS Certified Cloud Practitioner — Question 949

Who has the responsibility to patch the host operating system of an Amazon EC2 instance, according to the AWS shared responsibility model?

Answer options

• A. Both AWS and the customer
• B. The customer only
• C. The EC2 hardware manufacturer
• D. AWS only

Correct answer: D

Explanation

Under the AWS shared responsibility model, AWS is responsible for security 'of' the cloud, which includes maintaining the physical infrastructure and patching the virtualization hypervisor/host operating system. The customer, on the other hand, is responsible for security 'in' the cloud, which includes patching the guest operating system installed on their Amazon EC2 instance. Therefore, the host operating system is patched exclusively by AWS.