Which of the following items is the customer responsible for providing to the auditor?
(Choose two.)
Physical data center access logs
AWS CloudTrail logs showing API calls
Amazon EC2 instance system logs
Storage device destruction records
Xen Hypervisor system logs
Explanations:
Physical data center access logs are typically the responsibility of the cloud provider (AWS), not the customer. These logs are related to physical security, which is part of the provider’s shared responsibility model.
AWS CloudTrail logs show API calls made within AWS, and customers are responsible for managing and monitoring their own activity within the AWS environment. Therefore, these logs are the customer’s responsibility to provide.
Amazon EC2 instance system logs are the customer’s responsibility. The customer can access the logs generated by their EC2 instances, which include operating system-level details.
Storage device destruction records are related to the physical destruction of hardware, which is a responsibility of the cloud provider. The customer is not typically involved in this process.
Xen Hypervisor system logs are part of the infrastructure management that is handled by the cloud provider. Customers do not have direct access to these logs, as they relate to the hypervisor layer managed by AWS.