ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
Your organization is preparing to migrate an on-premises application to Amazon EC2 instances running in a new VPC. During a security review, the cloud team is asked to identify which security and maintenance tasks related to virtualization will be handled by AWS rather than by the company. According to AWS's shared responsibility model, which of the following activities falls under AWS's responsibility at the hypervisor layer?
Configuring iptables rules on each EC2 instance to restrict inbound traffic
Creating and attaching IAM policies that control access to Amazon S3 buckets
Installing operating-system security updates within the guest instances
Applying security patches to the underlying hypervisor that hosts the EC2 instances
In the AWS shared responsibility model, customers are responsible for everything they install and run inside each EC2 instance, including guest operating-system hardening, host-based firewalls, and any IAM policies that govern access to their own resources. AWS, however, retains responsibility for protecting and maintaining the underlying cloud infrastructure that supports those instances-this includes managing and applying security patches to the hypervisor and its supporting host hardware. Therefore, ensuring the hypervisor is up to date and free from known vulnerabilities is an AWS obligation, not the customer's. Configuring iptables inside the instance, keeping the guest OS current, or defining IAM policies all remain customer duties.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is AWS's shared responsibility model?
Open an interactive chat with Bash
What is a hypervisor and why is it important in cloud environments?
Open an interactive chat with Bash
What maintenance tasks are customers responsible for in EC2 instances?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Systems and Application Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .