Under the AWS shared responsibility model:

• Configuration of security groups (B) - This is a customer responsibility as security groups are virtual firewalls that customers must configure to control inbound and outbound traffic to their AWS resources
• Encryption of customer data on AWS (C) - This is a customer responsibility as customers are responsible for encrypting their own data at rest and in transit

AWS responsibilities include:

• Physical security of AWS facilities (A)
• Management of AWS Lambda infrastructure (D) - AWS manages the underlying infrastructure for serverless services
• Management of network throughput of each AWS Region (E) - AWS manages the global network infrastructure

The shared responsibility model divides security responsibilities where AWS is responsible for security of the cloud (infrastructure), and customers are responsible for security in the cloud (their applications and data).