Question #958
A company is using Amazon RDS for their database needs. Which option is an AWS responsibility under the AWS shared responsibility model?
Managing encryption of data within the database
Ensuring physical security of the underlying infrastructure
Applying user-defined access policies to the database
Configuring database connection timeout settings
Explanation
The correct answer is B. AWS handles the security of the cloud, including physical infrastructure (e.g., data centers, hardware, and networking).
- A (Incorrect): Managing encryption (e.g., enabling encryption or managing keys) is the customer's responsibility, even though AWS provides encryption tools.
- C (Incorrect): User-defined access policies (e.g., IAM roles or database user permissions) are configured by the customer.
- D (Incorrect): Database connection timeout settings are part of application/database configuration, managed by the customer.
Key Takeaway: AWS manages physical security and infrastructure, while customers control data, access, and software configurations in RDS.
Answer
The correct answer is: B