AWS Certified SysOps Administrator – Associate (legacy) — Question 554

A SysOps Administrator is deploying an Amazon EC2 instance and is using third-party VPN software to route traffic to an on-premises data center.
Based on the shared responsibility model, AWS is responsible for managing which element of this deployment?

Answer options

• A. Configuring IPsec tunnels for the VPN.
• B. Ensuring high availability of the EC2 instance.
• C. Ensuring high availability of the VPN connection.
• D. Managing the health of the underlying EC2 host.

Correct answer: D

Explanation

Under the AWS Shared Responsibility Model, AWS is responsible for the infrastructure 'of' the cloud, which includes the physical hardware and underlying hosts that run EC2 instances. The customer is responsible for the configuration and software 'in' the cloud, such as managing the guest operating system, configuring the third-party VPN software, and designing the high availability architecture for their instances and network connections.