Which tasks are customer responsibilities, according to the AWS shared responsibility model? (Choose two.)
Which tasks are customer responsibilities, according to the AWS shared responsibility model? (Choose two.)
In the AWS shared responsibility model, certain security and configuration tasks are delegated to the customer. Configuring the AWS-provided security group firewall is a customer responsibility, as it involves managing the rules that control inbound and outbound traffic to resources. Classifying company assets in the AWS Cloud is also a customer responsibility since customers must determine the sensitivity of their data and apply appropriate protection measures. AWS manages the underlying infrastructure for services like Amazon DynamoDB, so customers do not patch or upgrade these services. Additionally, since AWS Lambda is a serverless service, customers do not select Amazon EC2 instances to run their functions. Determining which Availability Zones to use for Amazon S3 buckets is not applicable as customers typically choose the region, not the specific Availability Zone, for S3 buckets.
A&B. Not C: S3 is available across all AZ's and customer does not choose the AZ. Not D: Dynamo DB patching is "of the cloud", not "in the cloud", hence is AWS responsibility Not E: AWS Lambda is a serverless service
A. Configure the AWS provided security group firewall: Customers are responsible for configuring and managing security group firewalls to control inbound and outbound traffic to their AWS resources. B. Classify company assets in the AWS Cloud: Asset classification is typically a customer responsibility as part of their data governance and security practices. The other options are not accurate in the context of customer responsibilities: C. Determine which Availability Zones to use for Amazon S3 buckets: This is more of a design decision and falls under the AWS management responsibilities. D. Patch or upgrade Amazon DynamoDB: Patching or upgrading services like Amazon DynamoDB is managed by AWS. Customers are not responsible for patching or upgrading the underlying infrastructure or services provided by AWS. E. Select Amazon EC2 instances to run AWS Lambda on: The selection of underlying infrastructure for serverless services like AWS Lambda is managed by AWS. Customers focus on writing and deploying functions without managing the underlying instances.
A and C. A. Configure the AWS provided security group firewall: This is a customer responsibility. Customers are responsible for configuring security groups to control inbound and outbound traffic for their instances. C. Determine which Availability Zones to use for Amazon S3 buckets: This is also a customer responsibility. Customers decide in which AWS Availability Zones they want to create and manage their S3 buckets.
AB is the answer. The S3 Standard storage class is designed for 99.99% availability. A customer always has to choose the region to store their data. AWS does not move data between regions unless requested to do so by the customer or a valid and binding legal order. That said, customers can not currently choose which AZ their objects are stored in.
This question is tricky: I was choosing A and C before I revealed and researched the answers. You can only choose the region for an s3 bucket, not the AZ. So A and B it is.
AWS lambda is serverless...and S3 stores its files on various AZ automatically
A,B is ok
son las únicas opciones posibles
customers can choose the region on s3
AB look correct
B. Classify company assets in the AWS Cloud: Customers are responsible for classifying their data and determining the appropriate level of protection based on sensitivity, regulatory requirements, etc. E. Select Amazon EC2 instances to run AWS Lambda on: Customers are responsible for configuring and managing their own resources, including selecting the appropriate instances to run AWS Lambda functions on. The other options involve tasks that are either AWS responsibilities or shared responsibilities:
B. Classify company assets in the AWS Cloud: Customers are responsible for classifying their data and determining the appropriate level of protection based on sensitivity, regulatory requirements, etc. E. Select Amazon EC2 instances to run AWS Lambda on: Customers are responsible for configuring and managing their own resources, including selecting the appropriate instances to run AWS Lambda functions on.
B. Classify company assets in the AWS Cloud. Classifying and identifying company assets, including sensitive data, is a customer responsibility. This involves understanding the nature of the data and applying appropriate security controls. C. Determine which Availability Zones to use for Amazon S3 buckets. Customers are responsible for deciding the geographical regions and specific Availability Zones where their resources (such as Amazon S3 buckets) will be deployed.
bro,with s3 you dont have to select AZs, they are automatically deployed across multiple AZs of a region
https://docs.aws.amazon.com/whitepapers/latest/introduction-devops-aws/shared-responsibility.html
B,E idk why if people dont understand the Lambda function running on EC2 or whats the deal here
Lambda is a serverless service, so you don't have to manage any of the underlying infrastructure. You would not select an instance for it to run on, AWS would do that behind the scenes.
B,E idk why if people dont understand the Lambda function running on EC2 or whats the deal here
AB = CORRECT
BD B. Classify company assets in the AWS Cloud. Customers are responsible for classifying and categorizing their data and assets within the AWS Cloud, understanding the sensitivity of the data, and implementing appropriate security measures based on classification. D. Patch or upgrade Amazon DynamoDB. Customers are responsible for managing and maintaining the software and configurations of their AWS resources, including applying patches and upgrades to services like Amazon DynamoDB to ensure their security and performance.
A & C Customer Responsibilities: Security Group Configuration: customers are responsible for configuring security groups to manage inbound and outbound traffic for your Amazon EC2 instances. This ensures that only authorized traffic reaches your instances. S3 Bucket Availability Zones: You have the flexibility to decide in which Availability Zones you want to create and manage your Amazon S3 buckets. This allows you to optimize data placement and redundancy based on your specific needs.