Question #1230
Which task is the responsibility of the customer under the AWS shared responsibility model?
Manage the physical security of Amazon S3 data centers.
Ensure the AWS Lambda runtime environment is updated with the latest security patches.
Encrypt sensitive data stored in Amazon S3 using either AWS-managed or customer-managed keys.
Maintain the underlying hardware infrastructure for Amazon RDS instances.
Explanation
The correct answer is C. In the AWS shared responsibility model, AWS manages the security of the cloud (e.g., physical data centers, hardware), while customers handle security in the cloud (e.g., data encryption, access controls).
- A is incorrect because AWS manages physical security of data centers.
- B is incorrect because AWS maintains the Lambda runtime environment, including security patches.
- C is correct because customers must decide to encrypt data in S3 using AWS-managed or customer-managed keys.
- D is incorrect because AWS maintains hardware for managed services like RDS.
Key Points: Customers are responsible for data encryption, access policies, and application security. AWS handles infrastructure, physical security, and managed service updates.
Answer
The correct answer is: C