Answer-first summary for fast verification
Answer: Use AWS Identity and Access Management (IAM) according to the principle of least privilege.
## Explanation According to the AWS Shared Responsibility Model: - **AWS is responsible for "Security OF the Cloud"**: This includes protecting the infrastructure that runs AWS services, patching the underlying operating systems of managed services like DynamoDB, and securing physical access to data centers and edge locations. - **Customer is responsible for "Security IN the Cloud"**: This includes managing user access and permissions using IAM, implementing the principle of least privilege, securing application-level configurations, and protecting customer data. **Why the other options are incorrect:** - **Option A**: AWS patches the operating systems of managed services like DynamoDB - **Option B**: AWS secures physical access to CloudFront edge locations - **Option C**: AWS protects the hardware infrastructure - **Option D**: ✅ **Correct** - Customers are responsible for implementing IAM policies following the principle of least privilege
Author: Ritesh Yadav
Ultimate access to all questions.
Which task is the responsibility of the customer, according to the AWS shared responsibility model?
A
Patch the Amazon DynamoDB operating system.
B
Secure Amazon CloudFront edge locations by allowing physical access according to the principle of least privilege.
C
Protect the hardware that runs AWS services.
D
Use AWS Identity and Access Management (IAM) according to the principle of least privilege.
No comments yet.