Question #849
Which option represents a shared responsibility between AWS and its customers under the AWS shared responsibility model?
Configuration of RDS database parameters
Edge location management for CloudFront
DDoS mitigation measures
Hardware maintenance of data centers
Explanation
In the AWS shared responsibility model:
- C (DDoS mitigation) is correct because AWS handles basic protections (e.g., AWS Shield Standard for DDoS mitigation at the infrastructure level), while customers are responsible for application-layer protections (e.g., using AWS WAF or Shield Advanced).
- A (RDS configuration) is incorrect because configuring database parameters (e.g., security groups, backups) is solely the customer's responsibility.
- B (CloudFront edge locations) is incorrect because AWS fully manages edge location infrastructure and maintenance.
- D (Data center hardware) is incorrect because AWS is fully responsible for physical infrastructure maintenance.
Key Points: AWS manages security of the cloud (infrastructure), while customers manage security in the cloud (data, applications). DDoS mitigation is a shared layer where AWS provides foundational protections, and customers enhance them.
Answer
The correct answer is: C