AWS Certified Cloud Practitioner / Question #1311 of 719

Question #1311

Which task is the responsibility of AWS, according to the AWS shared responsibility model?

A

Encrypting data at rest within Amazon EC2 instances.

B

Configuring network access rules for Amazon RDS instances.

C

Ensuring the physical security of AWS global infrastructure.

D

Managing user authentication for applications hosted on AWS.

Explanation

The correct answer is C. According to the AWS shared responsibility model, AWS manages the security of the cloud, which includes physical security of data centers, hardware, and global infrastructure. Customers are responsible for security in the cloud, such as encrypting data (A), configuring network rules (B), and managing user authentication (D).

- Option A: Encrypting data at rest in EC2 instances is the customer's responsibility. AWS provides tools (e.g., AWS KMS), but implementation is up to the user.
- Option B: Configuring network access rules (e.g., security groups for RDS) is managed by the customer.
- Option D: User authentication for applications is the customer's responsibility (e.g., IAM policies, application-level authentication).
- Key Point: AWS handles physical/global infrastructure security; customers manage data, configurations, and access controls.

Answer

The correct answer is: C