What is an AWS responsibility under the AWS shared responsibility model?
Configure the security group rules that determine which ports are open on an Amazon EC2 Linux instance.
Ensure the security of the internal network in the AWS data centers.
Patch the guest operating system with the latest security patches on Amazon EC2.
Turn on server-side encryption for Amazon S3 buckets.
Explanations:
Configuring security group rules is a customer responsibility. Security groups control inbound and outbound traffic to EC2 instances.
AWS is responsible for securing the underlying infrastructure, including the internal network in their data centers.
Patching the guest OS is the customer’s responsibility. AWS manages the underlying infrastructure, but customers are responsible for their instances.
Turning on server-side encryption for Amazon S3 is the customer’s responsibility, although AWS provides the capability.