AWS Certified Cloud Practitioner (CLF-C02) — Question 399
A company uses Amazon Aurora as its database service. The company wants to encrypt its databases and database backups.
Which party manages the encryption of the database clusters and database snapshots, according to the AWS shared responsibility model?
Answer options
- A. AWS
- B. The company
- C. AWS Marketplace partners
- D. Third-party partners
Correct answer: B
Explanation
According to the AWS shared responsibility model, the customer is responsible for security 'in' the cloud, which includes data protection and managing encryption settings for Amazon Aurora databases and snapshots. AWS is responsible for security 'of' the cloud, such as protecting the global infrastructure that runs all of the services. Third-party partners or marketplace vendors do not manage a customer's internal database encryption configurations.