{"id":2796,"date":"2019-08-30T06:04:31","date_gmt":"2019-08-30T06:04:31","guid":{"rendered":"https:\/\/www.testpreptraining.com\/tutorial\/?page_id=2796"},"modified":"2022-03-03T11:48:46","modified_gmt":"2022-03-03T11:48:46","slug":"shared-responsibility-model","status":"publish","type":"page","link":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/shared-responsibility-model\/","title":{"rendered":"Shared Responsibility Model"},"content":{"rendered":"\n<p>In this, we will learn about Shared Responsibility Model.<\/p>\n\n\n\n<p>Amazon safeguards the AWS infrastructure from <\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Vulnerabilities<\/li><li>Intrusions<\/li><li>Fraud<\/li><li>Abuse<\/li><\/ul>\n\n\n\n<p>So as to offer the customers with security capabilities as per their needs.<\/p>\n\n\n\n<p>Multiple and varied AWS cloud services, emphasizes,\ndemarcating responsibility between customer and AWS. <\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>AWS is responsible for the physical security of the facilities as well as the infrastructure that includes compute, database, storage and networking resources. <\/li><li>The customer is responsible for software, data and access that sits on top of the infrastructure layer. <\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"624\" height=\"310\" src=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2019\/08\/image-266.png\" alt=\"Shared Responsibility Model\" class=\"wp-image-2801\"\/><\/figure>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>AWS Security Responsibilities<\/strong><\/h4>\n\n\n\n<p>In general, AWS considers itself responsible for the\nsecurity of the cloud as a whole, while customers should maintain\nresponsibility for the security of their specific instances.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>AWS Hardware\/Global Infrastructure: this\nincludes regional, available, and edge zones of Amazon&#8217;s cloud infrastructure.\nThis is done through physical security protections, and constant IT\nmaintenance.<\/li><li>AWS Software (Computation, Storage, Database,\nNetworking): Amazon guarantees a secure software platform across all of its\nservices. This aspect of Amazon\u2019s responsibility also refers to AWS security\nservices built by Amazon for use by customers. This can include encryption\nkeys, network monitoring tools, database protection, and more.<\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Customer Security Responsibilities<\/strong><\/h4>\n\n\n\n<p>Security control responsibility on the customer side is\ndetermined by the AWS Cloud service they select. When a customer chooses any of\nAmazon&#8217;s \u2018Infrastructure as a Service\u2019 (EC2, VPC, S3), the customer has perform\nall of the necessary security configuration and management tasks. This\nincludes:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Customer Data: protection of the businesses data\non the network side, as it enters and exits the cloud service.<\/li><li>Platform, Applications, Identity and Access\nManagement: the customer is responsible for the maintenance and protection of\nthe platform running on the cloud, and all aspects under that. For example, a\ncustomer running a clothing store online will have to ensure protection of its\nshoppers identities and accounts.<\/li><li>Client Side Data Encryption: either through an\nAWS managed encryption key, or through a personal key not provided by AWS.<\/li><li>File System Encryption: When protecting their\ndata at rest, the customer can use an independent protection system, or by\nutilizing a file system protection provided by AWS.<\/li><li>Network Traffic Protections: customers need to\nguarantee the security of all traffic going in and out of the server.<\/li><li>Service and Communications Protection: a customer is responsible for routing and zoning data within specific security environments. <\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"624\" height=\"314\" src=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2019\/08\/image-267.png\" alt=\"Shared Responsibility Model\" class=\"wp-image-2802\"\/><\/figure>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Shared Security Responsibilities<\/strong><\/h4>\n\n\n\n<p>AWS using Shared Responsibility Model provides the requirements for the infrastructure and the customer must provide their own control implementation within their use of AWS services:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>IT Controls: Not only are IT operations shared\nbetween AWS and its customers, so are the management and operations of said\ncontrols. AWS can help with moderating the customer burden of security methods\nlike firewall maintenance, network level encryption, while also overseeing IT\ncontrols deployment to ensure proper adherence to AWS security regulations.<\/li><li>Patch Management: AWS is responsible for\npatching and fixing flaws within the infrastructure, but customers are\nresponsible for patching their guest OS and applications.<\/li><li>Configuration Management: AWS maintains the\nconfiguration of its infrastructure devices, but a customer is responsible for\nconfiguring their own guest operating systems, databases, and applications.<\/li><li>Awareness &amp; Training: AWS trains AWS\nemployees, but a customer must train their own employees.<\/li><li>Customer Specific: Controls which are solely the\nresponsibility of the customer based on the application they are deploying\nwithin AWS services.<\/li><li>Service and Communications Protection: or Zone\nSecurity which may require a customer to route or zone data within specific\nsecurity environments.<\/li><\/ul>\n\n\n\n<p>Customers should <\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>implement access control policies using AWS IAM<\/li><li>configuring AWS Security Groups (firewall) to\nprevent inappropriate access to ports<\/li><li>enabling AWS CloudTrail<\/li><\/ul>\n\n\n\n<h6 class=\"wp-block-heading\">Customers are also responsible for <\/h6>\n\n\n\n<ul class=\"wp-block-list\"><li>enforcing appropriate data loss prevention\npolicies for compliance with internal and external policies, <\/li><li>Detecting and remediating threats arising from\nstolen account credentials or malicious\/accidental misuse of AWS.<\/li><\/ul>\n\n\n\n<p>Amazon is focused on securing its software, hardware, and\nthe facilities where AWS services are located. Amazon\u2019s responsibilities\ninclude securing its <\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Computing<\/li><li>Storage<\/li><li>Networking<\/li><li>database services<\/li><li>security configuration of AWS managed services\nlike DynamoDB, RDS, Redshift, Elastic MapReduce, Workspaces, etc.<\/li><\/ul>\n\n\n\n<h5 class=\"wp-block-heading\"><strong>AWS Shared Responsibility Model Summary <\/strong><\/h5>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td><\/td><td>Customer<\/td><td>AWS<\/td><\/tr><tr><td>Preventing or detecting when an AWS account has been compromised<\/td><td>x    <\/td><td>  <\/td><\/tr><tr><td>Preventing or detecting a privileged or regular AWS user behaving in an insecure manner<\/td><td>x    <\/td><td><\/td><\/tr><tr><td>Configuring AWS services (except AWS Managed Services) in a secure manner<\/td><td>x    <\/td><td>   <\/td><\/tr><tr><td>Restricting access to AWS services or custom applications to only those users who require it<\/td><td>x    <\/td><td>\n  &nbsp;\n  <\/td><\/tr><tr><td>Updating Guest Operating Systems and applying security patches<\/td><td>x    <\/td><td>\n  &nbsp;\n  <\/td><\/tr><tr><td>Ensuring AWS and custom applications are being used in a manner compliant with internal and external policies<\/td><td>x    <\/td><td>x   <\/td><\/tr><tr><td>Ensuring network security (DoS, MITM, port scanning)<\/td><td>x    <\/td><td>x   <\/td><\/tr><tr><td>Configuring AWS Managed Services in a secure manner<\/td><td><\/td><td>x   <\/td><\/tr><tr><td>Providing physical access control to hardware\/software<\/td><td> &nbsp;   <\/td><td>x   <\/td><\/tr><tr><td>Providing environmental security assurance against things like mass power outages, earthquakes, floods, and other natural disasters<\/td><td><\/td><td>x   <\/td><\/tr><tr><td>Database patching<\/td><td> &nbsp;   <\/td><td>x   <\/td><\/tr><tr><td>Protecting against AWS zero day exploits and other vulnerabilities.<\/td><td><\/td><td>x   <\/td><\/tr><tr><td>Business continuity management (availability, incident response)<\/td><td><\/td><td>x   <\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"334\" height=\"354\" src=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2019\/08\/image-268.png\" alt=\"Shared Responsibility Model\" class=\"wp-image-2803\"\/><\/figure><\/div>\n","protected":false},"excerpt":{"rendered":"<p>In this, we will learn about Shared Responsibility Model. Amazon safeguards the AWS infrastructure from Vulnerabilities Intrusions Fraud Abuse So as to offer the customers with security capabilities as per their needs. Multiple and varied AWS cloud services, emphasizes, demarcating responsibility between customer and AWS. AWS is responsible for the physical security of the facilities&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":53,"menu_order":30,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"categories":[2],"tags":[],"class_list":["post-2796","page","type-page","status-publish","hentry","category-amazon-aws"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Shared Responsibility Model - Testprep Training Tutorials<\/title>\n<meta name=\"description\" content=\"Enhance your knowledge level by learning the concepts of Shared Responsibility Model for AWS Certification Exam Preparation Now!\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/shared-responsibility-model\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Shared Responsibility Model - Testprep Training Tutorials\" \/>\n<meta property=\"og:description\" content=\"Enhance your knowledge level by learning the concepts of Shared Responsibility Model for AWS Certification Exam Preparation Now!\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/shared-responsibility-model\/\" \/>\n<meta property=\"og:site_name\" content=\"Testprep Training Tutorials\" \/>\n<meta property=\"article:modified_time\" content=\"2022-03-03T11:48:46+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2019\/08\/image-266.png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/shared-responsibility-model\/\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/shared-responsibility-model\/\",\"name\":\"Shared Responsibility Model - Testprep Training Tutorials\",\"isPartOf\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#website\"},\"datePublished\":\"2019-08-30T06:04:31+00:00\",\"dateModified\":\"2022-03-03T11:48:46+00:00\",\"description\":\"Enhance your knowledge level by learning the concepts of Shared Responsibility Model for AWS Certification Exam Preparation Now!\",\"breadcrumb\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/shared-responsibility-model\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/shared-responsibility-model\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/shared-responsibility-model\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"AWS Certified Solutions Architect Associate (SAA-C03)\",\"item\":\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Shared Responsibility Model\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#website\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\",\"name\":\"Testprep Training Tutorials\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.testpreptraining.ai\/tutorial\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#organization\",\"name\":\"Testprep Training\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png\",\"contentUrl\":\"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png\",\"width\":583,\"height\":153,\"caption\":\"Testprep Training\"},\"image\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Shared Responsibility Model - Testprep Training Tutorials","description":"Enhance your knowledge level by learning the concepts of Shared Responsibility Model for AWS Certification Exam Preparation Now!","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/shared-responsibility-model\/","og_locale":"en_US","og_type":"article","og_title":"Shared Responsibility Model - Testprep Training Tutorials","og_description":"Enhance your knowledge level by learning the concepts of Shared Responsibility Model for AWS Certification Exam Preparation Now!","og_url":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/shared-responsibility-model\/","og_site_name":"Testprep Training Tutorials","article_modified_time":"2022-03-03T11:48:46+00:00","og_image":[{"url":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2019\/08\/image-266.png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/shared-responsibility-model\/","url":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/shared-responsibility-model\/","name":"Shared Responsibility Model - Testprep Training Tutorials","isPartOf":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#website"},"datePublished":"2019-08-30T06:04:31+00:00","dateModified":"2022-03-03T11:48:46+00:00","description":"Enhance your knowledge level by learning the concepts of Shared Responsibility Model for AWS Certification Exam Preparation Now!","breadcrumb":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/shared-responsibility-model\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/shared-responsibility-model\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/shared-responsibility-model\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.testpreptraining.ai\/tutorial\/"},{"@type":"ListItem","position":2,"name":"AWS Certified Solutions Architect Associate (SAA-C03)","item":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/"},{"@type":"ListItem","position":3,"name":"Shared Responsibility Model"}]},{"@type":"WebSite","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#website","url":"https:\/\/www.testpreptraining.ai\/tutorial\/","name":"Testprep Training Tutorials","description":"","publisher":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.testpreptraining.ai\/tutorial\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#organization","name":"Testprep Training","url":"https:\/\/www.testpreptraining.ai\/tutorial\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/","url":"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png","contentUrl":"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png","width":583,"height":153,"caption":"Testprep Training"},"image":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/2796","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/comments?post=2796"}],"version-history":[{"count":7,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/2796\/revisions"}],"predecessor-version":[{"id":51879,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/2796\/revisions\/51879"}],"up":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/53"}],"wp:attachment":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/media?parent=2796"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/categories?post=2796"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/tags?post=2796"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}