Question #968
Which option represents a shared responsibility between AWS and the customer under the AWS shared responsibility model?
Patch Management
Hardware lifecycle management
Data encryption at rest
Hypervisor security
Explanation
Under the AWS shared responsibility model, Patch Management (A) is a shared responsibility. AWS is responsible for patching and securing the underlying infrastructure (e.g., hypervisor, hardware, and managed services like RDS). Customers are responsible for patching their guest operating systems, applications, and any custom configurations on services like EC2.
Why other options are incorrect:
- B. Hardware lifecycle management: Fully AWS-owned. AWS manages physical hardware, data centers, and hardware maintenance.
- C. Data encryption at rest: Primarily the customer's responsibility. AWS provides encryption tools (e.g., KMS), but customers must enable and manage encryption settings.
- D. Hypervisor security: Fully AWS-owned. AWS secures the hypervisor layer, and customers have no access to it.
Key Points:
- Shared responsibilities vary by service type (e.g., EC2 vs. RDS).
- Customers always retain responsibility for their data, applications, and access controls.
- AWS handles global infrastructure and foundational services.
Answer
The correct answer is: A