Question #1001
Which of the following are the customer's responsibilities under the AWS shared responsibility model? (Choose two.)
Ensuring physical security of data centers.
Managing encryption key rotation policies.
Configuring application security settings.
Managing hardware fault tolerance mechanisms.
Updating hypervisor software on AWS servers.
Explanation
The AWS shared responsibility model divides security obligations between AWS and the customer. AWS manages the security of the cloud (e.g., physical data centers, hardware, hypervisor). Customers are responsible for security in the cloud, including:
- B. Managing encryption key rotation policies: Customers must rotate encryption keys used for their data protection, especially when using services like AWS KMS.
- C. Configuring application security settings: Customers must secure their applications, including access controls, authentication, and data handling.
Incorrect options:
- A/D/E: These are AWS responsibilities. AWS ensures physical security (A), hardware fault tolerance (D), and hypervisor updates (E).
Key Points:
- Customers manage data, applications, and encryption.
- AWS handles infrastructure, physical security, and foundational services.
Answer
The correct answer is: BC