AWS Certified SysOps Administrator – Associate (legacy) — Question 414

In AWS, which security aspects are the customer's responsibility? (Choose four.)

Answer options

• A. Controlling physical access to compute resources
• B. Patch management on the EC2 instance s operating system
• C. Encryption of EBS (Elastic Block Storage) volumes
• D. Life-cycle management of IAM credentials
• E. Decommissioning storage devices
• F. Security Group and ACL (Access Control List) settings

Correct answer: B, C, D, F

Explanation

Under the AWS Shared Responsibility Model, AWS secures the infrastructure that runs all of the services offered in the AWS Cloud, which includes physical security of data centers and hardware decommissioning. Customers are responsible for securing their data, configurations, and guest operating systems, which includes OS patching, EBS volume encryption, IAM credential management, and firewall configurations like Security Groups and ACLs.