Under the AWS Shared Responsibility Model, which of the following is the CUSTOMER's responsibility?

  1. Patching the hypervisor
  2. Physical security of data centers
  3. Configuring security groups and NACLs ✓
  4. Maintaining the global network infrastructure

Correct answer: Configuring security groups and NACLs

Option C is correct because under the AWS Shared Responsibility Model, customers own the security of what they deploy in the cloud, including configuring virtual firewall rules such as Security Groups and Network ACLs to control inbound and outbound traffic. Option A is incorrect because patching the underlying hypervisor is AWS's responsibility as part of securing the infrastructure that runs cloud services. Option B is incorrect because physical security of data centers is entirely AWS's responsibility and is not accessible or controllable by customers. Option D is incorrect because maintaining the global network infrastructure, including fiber, routers, and edge locations, is an AWS responsibility under the model.

Topic: · shared responsibility model, aws security, security groups, nacl

Practice AWS Cloud Practitioner (CLF-C02) Questions Free