Question 1mediummultiple choice
Full question →CLF-C02 · topic practice
Shared Responsibility Model practice questions
Use this page to practise CLF-C02 Shared Responsibility Model practice questions. The goal is not to memorise dumps, but to understand the concept, review the explanation and improve your exam readiness.
What the exam tests
What to know about Shared Responsibility Model
Shared Responsibility Model questions test whether you can apply the concept in context, not just recognise a definition.
How the topic appears in realistic exam-style scenarios.
Which detail in the question changes the correct answer.
How to eliminate plausible but wrong options.
How to connect the question back to the wider exam objective.
Practice set
Shared Responsibility Model questions
10 questions · select your answer, then reveal the explanation
Question 2mediummultiple choice
Full question →A company hosts a web application on an Amazon EC2 instance. The company installs its own application software and configures the operating system. The company also uses AWS Key Management Service (AWS KMS) to create a customer-managed key to encrypt data on the Amazon Elastic Block Store (Amazon EBS) volume attached to the instance. According to the AWS shared responsibility model, which of the following is the responsibility of AWS?
Question 3mediummultiple choice
Full question →A company is migrating its on-premises applications to the AWS Cloud. The Chief Security Officer wants to confirm the division of security responsibilities. According to the AWS Shared Responsibility Model, which of the following tasks is the customer's responsibility?
Question 4mediummultiple choice
Full question →A company is migrating a three-tier web application to AWS. The application will run on Amazon EC2 instances using a custom Linux distribution, and a self-managed MySQL database will be installed on the same instances. The company's security team needs to understand which security responsibilities belong to AWS and which belong to the company under the AWS Shared Responsibility Model. According to this model, who is responsible for applying operating system security patches to the EC2 instances and for updating the MySQL database software?
Question 5mediummultiple choice
Full question →A company is migrating an on-premises application to AWS. The application will run on Amazon EC2 instances and use an Amazon RDS for MySQL database. The security team needs to understand which security controls remain the company's responsibility after the migration. Under the AWS Shared Responsibility Model, which of the following is the customer's responsibility?
Question 6mediummultiple choice
Full question →A company is migrating an on-premises MySQL database to Amazon RDS for MySQL. The security team needs to understand their responsibilities under the AWS Shared Responsibility Model. Which of the following tasks is the customer's responsibility?
Question 7mediummultiple choice
Full question →A company is migrating its customer-facing web application to AWS. The Chief Information Security Officer (CISO) is reviewing the division of security responsibilities. The CISO understands that AWS is responsible for the security of the physical data centers, hardware, and network infrastructure. The company, as the customer, is responsible for securing the application code, customer data, and operating system patches on Amazon EC2 instances. This division of security responsibilities is an example of which fundamental cloud computing concept?
Question 8mediummultiple choice
Full question →A healthcare startup is migrating its patient records database to Amazon RDS for PostgreSQL. The company must comply with HIPAA and ensure that all protected health information (PHI) is encrypted at rest and in transit. Which task is the company responsible for under the AWS shared responsibility model?
Question 9mediummultiple choice
Full question →A startup is migrating a web application to AWS. The application runs on Amazon EC2 instances that use a custom Amazon Machine Image (AMI) with the company's proprietary software. The security team needs to understand which security tasks the company must perform. Under the AWS Shared Responsibility Model, which of the following is the customer's responsibility?
Question 10mediummultiple choice
Full question →A financial services company requires all data stored in Amazon S3 to be encrypted at rest. The company has a compliance policy that states encryption keys must be managed entirely by the customer and must never be stored or managed by the cloud provider. Which encryption option should the company use for Amazon S3?
Watch out for
Common Shared Responsibility Model exam traps
- ▸Answering from memory before reading the full scenario.
- ▸Missing a constraint such as cost, availability, security, scope or command context.
- ▸Choosing a broad answer when the question asks for the most specific fix.
- ▸Ignoring why the wrong options are tempting.
Free account
Track your progress over time
Create a free account to save your results and see which topics improve across sessions.
Focused Shared Responsibility Model sessions
Start a Shared Responsibility Model only practice session
Every question in these sessions is drawn from the Shared Responsibility Model domain — nothing else.
Related practice questions
Related CLF-C02 topic practice pages
Move into related areas when this topic feels solid.
AWS shared responsibility model practice questions
Practise CLF-C02 questions linked to AWS shared responsibility model.
AWS Cloud Practitioner cloud concepts practice questions
Practise CLF-C02 questions linked to AWS Cloud Practitioner cloud concepts.
AWS IAM practice questions
Practise CLF-C02 questions linked to AWS IAM.
AWS pricing practice questions
Practise CLF-C02 questions linked to AWS pricing.
AWS support plans practice questions
Practise CLF-C02 questions linked to AWS support plans.
AWS S3 practice questions
Practise CLF-C02 questions linked to AWS S3.
AWS EC2 practice questions
Practise CLF-C02 questions linked to AWS EC2.
Frequently asked questions
- What does the CLF-C02 exam test about Shared Responsibility Model?
- Shared Responsibility Model questions test whether you can apply the concept in context, not just recognise a definition.
- How should I use these practice questions?
- Select your answer before revealing the explanation. Then read why each option is right or wrong — this active recall approach builds retention far faster than re-reading notes.
- Can I practise just Shared Responsibility Model questions in a focused session?
- Yes — the session launcher on this page draws every question from the Shared Responsibility Model domain. Use a 10-question session first to gauge your baseline, then move to 20 or 30 once the weak spots are clear.
- Where can I practise other CLF-C02 topics?
- Use the topic links above to move to related areas, or go back to the CLF-C02 question bank to see all topics.
- Are these real exam questions or dumps?
- These are original practice questions written to test the same concepts the CLF-C02 exam covers. They are not copied from any real exam or dump site.
Shared Responsibility Model only
Mixed CLF-C02 sessionTrack your progress
A free account saves results across sessions and highlights which topics need work.
Sign up freeStudy resources
Exam traps to avoid
- ▸Answering from memory before reading the full scenario.
- ▸Missing a constraint such as cost, availability, security, scope or command context.
- ▸Choosing a broad answer when the question asks for the most specific fix.
- ▸Ignoring why the wrong options are tempting.