Question #1350
Under the AWS shared responsibility model, which of the following is a responsibility of the customer?
Ensuring the physical integrity of the power and cooling systems in AWS data centers.
Managing the security of the underlying hypervisor that supports EC2 instances.
Encrypting sensitive data stored in Amazon S3 buckets using customer-managed keys.
Monitoring and maintaining the hardware infrastructure for AWS global regions.
Explanation
The correct answer is C. Under the AWS shared responsibility model, AWS manages the security of the cloud (e.g., physical infrastructure, hypervisor), while customers are responsible for security in the cloud (e.g., data encryption, access controls).
- A and D are AWS responsibilities: AWS ensures physical security (power, cooling, hardware) and maintains global infrastructure.
- B is AWS's responsibility: AWS manages hypervisor security for EC2 instances.
- C is the customer's responsibility: Customers must encrypt sensitive data stored in S3, especially when using customer-managed keys (e.g., AWS KMS keys). AWS provides tools, but enabling encryption and key management falls on the customer.
Key Takeaway: Customers retain control over their data, including encryption, access policies, and compliance. AWS handles foundational infrastructure security.
Answer
The correct answer is: C