Why This Cheat Sheet Matters for CLF-C02
This cheat sheet covers the most important AWS Shared Responsibility Model concepts tested on the CLF-C02 (AWS Cloud Practitioner) certification exam. It contains 3 sections with 11 key points that you should memorize before exam day. Know what AWS secures, what customers secure, and how responsibilities change across IaaS, PaaS, SaaS, and managed AWS services. Use this as a quick-reference guide during your final review sessions.
3Sections
11Key Points
AWS Responsibility
- AWS is responsible for security of the cloud.
- AWS manages physical facilities, hardware, networking, virtualization, and managed service infrastructure.
- For managed services, AWS handles more operational layers, but customers still control data and access.
- AWS publishes compliance reports and agreements through AWS Artifact.
Customer Responsibility
- Customers are responsible for security in the cloud.
- Customers manage IAM permissions, MFA, data classification, encryption choices, and application security.
- For EC2, customers patch guest operating systems and installed software.
- For S3, customers configure bucket policies, public access settings, encryption choices, and lifecycle rules.
Exam Cues
- If the question says physical data center or hardware, the answer is usually AWS.
- If the question says identity, data, application code, or guest OS configuration, the answer is usually customer.
- Managed services reduce customer responsibility but do not remove responsibility for data and access.
Practice Shared Responsibility Questions
Put your knowledge to the test with practice questions.