AWS Certified SysOps Administrator – Associate (legacy) — Question 699

A company is auditing their infrastructure to obtain a compliance certification.
Which of the following options are the company's responsibility within the Shared Responsibility Model? (Choose two.)

Answer options

• A. AWS API endpoint SSL Certificates
• B. EC2 Instance Operating System updates
• C. EBS Encryption-at-result algorithms
• D. IAM user password policies
• E. AWS Hypervisor software updates

Correct answer: A, B

Explanation

Under the Shared Responsibility Model, the customer is responsible for security 'in' the cloud, which includes configuring SSL certificates for AWS API endpoints and performing EC2 Instance Operating System updates. AWS is responsible for security 'of' the cloud, which covers the physical infrastructure, hypervisor software updates, and the underlying encryption-at-result algorithms.