In AWS, which security aspects are the customer’s responsibility?
(Choose four.)
Security Group and ACL (Access Control List) settings
Decommissioning storage devices
Patch management on the EC2 instance’s operating system
Life-cycle management of IAM credentials
Controlling physical access to compute resources
Encryption of EBS (Elastic Block Storage) volumes
Explanations:
Security Groups and ACLs are configured by the customer to control inbound and outbound traffic to their resources, making it their responsibility.
Decommissioning storage devices is typically managed by AWS as part of their infrastructure management and physical security responsibilities.
Customers are responsible for patch management on the operating systems of their EC2 instances, ensuring they are up-to-date and secure.
Life-cycle management of IAM credentials, including creating, rotating, and deactivating credentials, is the customer’s responsibility to maintain secure access.
Controlling physical access to compute resources is the responsibility of AWS, as they manage the physical security of their data centers.
The encryption of EBS volumes is the customer’s responsibility; they must implement and manage encryption based on their security needs.
I would say the answer is:
Security Group and ACL (Access Control List) settings