AWS Certified Cloud Practitioner

Explanation

The AWS Shared Responsibility Model divides responsibilities between AWS and the customer:

Correct Answers:

1. A: Configuration management of infrastructure devices is the customer's responsibility. - This is correct. In the shared responsibility model, customers are responsible for configuration management of their resources, including security groups, IAM policies, and application configurations.

2. C: AWS is responsible for protecting the physical cloud infrastructure. - This is correct. AWS is responsible for the security of the cloud, which includes protecting the physical infrastructure (data centers, hardware, networking).

Incorrect Options:

• B: For Amazon S3, AWS operates the infrastructure layer, the operating systems, and the platforms. - This is partially misleading. While AWS manages the infrastructure for S3 (which is a managed service), the statement oversimplifies. For S3, AWS manages the infrastructure, but customers are responsible for configuring access controls, bucket policies, and encryption settings.

• D: AWS is responsible for training the customer's employees on AWS products and services. - This is incorrect. Customer training is the customer's responsibility. AWS provides documentation, training resources, and certifications, but actual employee training is not AWS's responsibility.

• E: For Amazon EC2, AWS is responsible for maintaining the guest operating system. - This is incorrect. For EC2 (Infrastructure as a Service), customers are responsible for maintaining the guest operating system, including patching and updates. AWS is responsible for the underlying hypervisor and physical infrastructure.

Key Concept: The Shared Responsibility Model distinguishes between:

• AWS Responsibility: Security of the cloud (physical infrastructure)

• Customer Responsibility: Security in the cloud (configuration, data, applications, identity management)