1
Q
Shared Responsibility Model - Overview
A
- Have a strong understanding of the shared responsibility model
- You are responsible for things like EC2 OS patching, antivirus, security groups, etc…
- You are not responsible for things like RDS OS updates, RDS database updates, PHP updates with Elastic Beanstalk, etc…
- Encryption is a shared responsibility (both yours and Amazon)
2
Q
What is Shared Responsibility Model?
A
What is Shared Responsibility Model?
- Security and Compliance is a shared responsibility between AWS and the customer.
- The customer retains control of what security they choose to implement to protect their content, platform, applications, systems, and networks
- AWS is Responsible
- For the security of the cloud (e.g. the infrastructure that runs all of the services offered in the AWS Cloud)
- Global Infrastructure
- Is composed of the hardware, software (Xen, RDS, etc…), networking, and facilities that run AWS Cloud services.
- Managed Services
- S3, DynamoDB, etc…
- Customer is Responsible
- For the security of what is put into the cloud
- Infrastructure as a Service (IaaS)
- Including updates and security patches
- Configuration of AWS provided firewalls
3
Q
Breakdown of responsibility model
A
Infrastructure Services
- This category includes compute services (EC2, EBS, AutoScaling, & VPC)
- With these services you can architect and build a cloud infrastructure using techniques similar to and largely compatible with on premise solutions
- You control the operating system, and configure and operate any identity management system that provides access to the user layer of the virtualized stack
- Customer responsible for
- Amazon Machine Images (AMIs)
- Operating Systems
- Applications
- Data in Transit
- Data at Rest
- Data Stores
- Credentials
- Policies and Configuration
4
Q
Security Model: Infrastructure Services
A
See Image
AWS Cloud Practictioner
flashcards
Decks in class (55)
# Cards
-
Domain 1: Cloud Concepts (26%)2
-
Domain 2: Security and Compliance (25%)5
-
Domain 3: Technology (33%)4
-
Domain 4: Billing and Pricing (16%)2
-
AWS Practice Questions48
-
AWS Key Services - "Technology" 36%46
-
AWS Cloud Architectural Principles6
-
AWS Cloud It's Basic Global Infrastructure5
-
Basic Security and Compliance Aspects of The AWS Platform and The Shared Security Model15
-
Billing, Account Management, and Pricing Models6
-
Udemy Missed Practice Test Questions34
-
Practice Test 3 Missed Questions5
-
Practice Test 2 Missed Questions29
-
Terminology99
-
EC224
-
Identity & Access Management (IAM)11
-
AWS Database Services16
-
Simple Storage Service (S3)18
-
Security13
-
AWS Global Infrastructure3
-
Networking, Content Delivery, and DNS Services12
-
Lambda6
-
Elastic Load Balancing & Auto Scaling5
-
Monitoring, Logging, and Notification Services11
-
Billing and Support Services22
-
Well Architected Framework17
-
Cloud Computing & Deployment Models8
-
Cloud Computing7
-
Support and Billing10
-
S3 10121
-
Technology9
-
EC2 10123
-
Database 10141
-
General Cloud17
-
ACG Exam Questions39
-
Linnux academy questions31
-
Cloud Security17
-
Billing and Pricing37
-
S3 and Cloudfront23
-
EC2 and EBS25
-
Databases13
-
Misc19
-
Final Exam Tips13
-
Weak Topics28
-
Incorrect Questions PT137
-
Incorrect Questions PT235
-
Incorrect Questions PT321
-
01 - AWS Compliance & AWS Artifact1
-
02 - Shared Responsibility Model4
-
03 - AWS WAF & AWS Shield6
-
04 - AWS Inspector vs AWS Trusted Advisor vs CloudTrail5
-
06 - Athena vs Macie2
-
08 - Chp 4 Quiz10
-
AWS Cloud Practicitioner43
-
AWS Comprehension Check1
