Exam AWS Certified Cloud Practitioner CLF-C02 topic 1 question 249 discussion

remember AWS is responsible for everything of the cloud and the customer is responsible for everything in the cloud so A and D could be correct if this were a two part answer question but A is the best for the real exam.

A. Configuration management In the AWS shared responsibility model, configuration management is a shared control. AWS is responsible for the infrastructure's configuration management, including the configuration of the hardware, software, networking, and facilities that run AWS services. On the other hand, the customer is responsible for configuration management at the application level, including the security configuration of AWS provided services such as Amazon EC2 instances, Amazon S3 buckets, and Amazon DynamoDB tables. So, both AWS and the customer have responsibilities when it comes to configuration management, making it a shared control.

The answer is A

why it isn't D : "Customers are responsible for managing their data (including encryption options), classifying their assets, and using IAM tools to apply the appropriate permissions." why it is A : "Configuration Management – AWS maintains the configuration of its infrastructure devices, but a customer is responsible for configuring their own guest operating systems, databases, and applications." https://aws.amazon.com/compliance/shared-responsibility-model

https://aws.amazon.com/compliance/shared-responsibility-model/#:~:text=Configuration%20Management%20%E2%80%93

Answer should be A. IAM responsibilities are handled by the customer.

Shared Controls – Controls which apply to both the infrastructure layer and customer layers, but in completely separate contexts or perspectives. In a shared control, AWS provides the requirements for the infrastructure and the customer must provide their own control implementation within their use of AWS services. Examples include: Patch Management – AWS is responsible for patching and fixing flaws within the infrastructure, but customers are responsible for patching their guest OS and applications. Configuration Management – AWS maintains the configuration of its infrastructure devices, but a customer is responsible for configuring their own guest operating systems, databases, and applications. Awareness & Training - AWS trains AWS employees, but a customer must train their own employees.

Configuration Management – AWS maintains the configuration of its infrastructure devices, but a customer is responsible for configuring their own guest operating systems, databases, and applications.

Reference: https://aws.amazon.com/compliance/shared-responsibility-model/

A is correct "Shared controls: • Patch Management, Configuration Management, Awareness & Training"

Shared Controls – Controls which apply to both the infrastructure layer and customer layers, but in completely separate contexts or perspectives. In a shared control, AWS provides the requirements for the infrastructure and the customer must provide their own control implementation within their use of AWS services. Examples include: Patch Management – AWS is responsible for patching and fixing flaws within the infrastructure, but customers are responsible for patching their guest OS and applications. Configuration Management – AWS maintains the configuration of its infrastructure devices, but a customer is responsible for configuring their own guest operating systems, databases, and applications. Awareness & Training - AWS trains AWS employees, but a customer must train their own employees.