Practice Test

True or False: In the AWS shared responsibility model, security “of” the cloud falls under the customer’s responsibility.

Answer: False

Explanation: AWS is responsible for the security ‘of’ the cloud, such as physical and operational security layers of AWS infrastructure.

Multiple Select: Which of the following fall under AWS’s responsibility as per the shared responsibility model?

  • a) Patching of EC2 Instances
  • b) Protecting AWS data centers
  • c) Operating System on the Instances
  • d) Hypervisor

Answer: b) Protecting AWS data centers, d) Hypervisor

Explanation: AWS’s responsibilities include protecting AWS infrastructure and services, including AWS data centers and underlying cloud infrastructure like hypervisors.

True or False: Data Encryption at Rest falls under AWS’s responsibility as per the shared responsibility model.

Answer: False

Explanation: Data encryption, both at rest and in transit, is typically the responsibility of the AWS customer.

Single Select: Which party is responsible for Security Group configuration in the AWS shared responsibility model?

  • a) AWS
  • b) AWS Customer

Answer: b) AWS Customer

Explanation: The configuration of security groups is considered to be under the customer’s control, as it’s related to the environment that customer creates on the AWS cloud.

Multiple Select: Who is responsible for securing AWS account credentials according to the AWS shared responsibility model?

  • a) AWS
  • b) AWS Customer

Answer: b) AWS Customer

Explanation: As per the shared responsibility model, secure management of AWS account credentials is always a customer responsibility.

True or False: AWS is responsible for the patching and fixing flaws within the infrastructure.

Answer: True

Explanation: AWS manages the underlying infrastructure, so they are responsible for the patching and fixing flaws within the cloud infrastructure.

Single Select: Who is responsible for managing physical access to data centers under the AWS shared responsibility model?

  • a) AWS
  • b) AWS Customers

Answer: a) AWS

Explanation: AWS is solely responsible for managing physical access to AWS data centers.

True or False: The customer is responsible for maintaining secure AWS CloudPlatform configurations.

Answer: True

Explanation: Customers are responsible for the security configurations of the AWS services provisioned in their environment.

Multiple Select: What is the customer responsible for under the AWS shared responsibility model?

  • a) Physical infrastructure
  • b) Network Infrastructure
  • c) Firewall configuration
  • d) Data at rest

Answer: c) Firewall configuration, d) Data at rest

Explanation: The customer is responsible for everything they put on the cloud including firewall configuration and protecting their data at rest.

Single Select: In AWS shared responsibility model, who is responsible for data lifecycle management?

  • a) AWS
  • b) AWS Customer

Answer: b) AWS Customer

Explanation: Customers are responsible for managing their data, including data lifecycle management, encryption at rest/in transit, etc.

Interview Questions

What is the shared responsibility model in AWS?

The shared responsibility model in AWS is a system delineating the responsibilities of security and compliance between AWS and the user. AWS is responsible for the security of the cloud, including its infrastructure, whereas users are responsible for security in the cloud, including their data.

Who is responsible for the security and compliance of applications running on AWS?

The user of AWS services is responsible for the security and compliance of applications running on AWS.

What is the responsibility of AWS under the shared responsibility model?

AWS is responsible for security of the cloud, which includes the physical security of their data centers, the infrastructure, the hardware, software, networking, and facilities that run AWS cloud services.

How secure is the data once it leaves AWS’s direct control in the shared responsibility model?

Once the data leaves AWS’s direct control, its security becomes the responsibility of the user. User data must be encrypted properly by users to maintain its security.

Who is responsible for ensuring that the operating system running on an EC2 instance is secure?

The user of the EC2 instance is responsible for ensuring the operating system’s security.

Which part of the shared responsibility model includes user data?

The ‘security in the cloud’ part of the shared responsibility model includes user data.

Who is responsible for maintaining patch level and security of a database in RDS?

AWS is responsible for maintaining the underlying infrastructure and the patch level of the managed database service, but the user is responsible for setting up appropriate access controls on the database.

How can AWS help with user’s responsibilities in the shared responsibility model?

AWS provides several services and tools like AWS Identity and Access Management (IAM), AWS Shield, AWS Inspector, etc., to help users with their security responsibilities.

What does the term ‘security of the cloud’ refer to in AWS’s shared responsibility model?

‘Security of the cloud’ refers to the security measures that AWS implements and operates, related to the underlying infrastructure that supports all AWS services.

Are users responsible for managing physical hosts and the virtualization layer in AWS Cloud?

No, AWS is responsible for the security of the physical hosts, the virtualization layer, and the physical data centers.

Who is responsible for managing data encryption in the AWS shared responsibility model?

While AWS provides tools for data encryption, the responsibility for using these tools to ensure data encryption lies with the user.

In the shared responsibility model, who is responsible for application security patching?

Application level patching is the customer’s responsibility under the shared responsibility model.

What are customers responsible for in AWS’s shared responsibility model?

Customers are responsible for managing their data (including encryption), classifying their assets, and using Identity and Access Management tools to apply the appropriate permissions.

Who is responsible for the infrastructure management in the AWS shared responsibility model?

AWS is responsible for managing the infrastructure which includes the hardware, software, networking, and facilities that run AWS cloud services.

Who is responsible for firewall configuration in AWS?

Firewall configuration comes under the responsibility of the customer. AWS provides security groups (firewalls) that are customizable but the customer must configure them.

Leave a Reply

Your email address will not be published. Required fields are marked *