An application hosted on AWS is going through an external compliance assessment. An Administrator has been tasked with providing proof of physical security at the facilities that are hosting the application. What should the Administrator do?
A.
Work with AWS support to schedule a tour for the auditors.
B.
Send a copy of the AWS Security whitepaper to the auditors.
C.
Obtain a relevant report from AWS Artifact and share it with the auditors.
D.
Find the address for the AWS Direct Connect facility on the AWS Website.
AWS Artifact provides various compliance reports and documents that can be used as evidence of the physical security measures implemented by AWS at their data centers. The Administrator can access AWS Artifact and obtain the appropriate report that addresses physical security, such as the AWS SOC 1 (formerly SSAE 16/ISAE 3402), SOC 2, or ISO 27001 reports.
These reports typically contain detailed information about AWS's physical security controls, including data center access controls, video surveillance, environmental safeguards, and other relevant security measures.
Correct answer is C.
CAN YOU PROVIDE ME WITH THE AWS DATA CENTER LOCATIONS FOR MY BUSINESS CONTINUITY OR DISASTER RECOVERY POLICY?
AWS keeps our data center locations strictly confidential to maintain the security and privacy of customer data. Locations are disclosed only to AWS employees and contractors who have an approved business need to be at the facility.
Customers can assess the security and resiliency of the AWS physical infrastructure by considering all of the security controls that AWS has in place for its data centers. To support customers evaluating risks related to AWS data centers, AWS provides the AWS Data Center Controls web page and the AWS SOC 2 report available in AWS Artifact.
https://aws.amazon.com/compliance/faq/
Has anyone here checked the AWS Security Whitepaper?
https://d1.awsstatic.com/whitepapers/aws-security-whitepaper.pdf
Clearly states this about Physical and Environmental Security:-
"AWS data centers are state of the art, utilizing innovative architectural and engineering
approaches. Amazon has many years of experience in designing, constructing, and
operating large-scale data centers. This experience has been applied to the AWS
platform and infrastructure. AWS data centers are housed in facilities that are not branded as AWS facilities. Physical access is strictly controlled both at the perimeter
and at building ingress points by professional security staff utilizing video surveillance,
intrusion detection systems, and other electronic means."
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
albert_kuo
10 months, 1 week agoxxxdolorxxx
2 years, 5 months agoKash12345
2 years, 6 months agoSriramps
2 years, 6 months agonarayanan010
2 years, 6 months agoUgoYohansen
2 years, 6 months agokmanickam
2 years, 6 months agoawscertified
2 years, 6 months agonasa86
2 years, 6 months agokteng
2 years, 7 months agoTechhod
2 years, 7 months ago