Exam AWS Certified Cloud Practitioner CLF-C02 topic 1 question 5 discussion

based on docs, AWS DynamoDB is automatically encrypted your data as default (but RDS you must turn on this feature by your self) ref: https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/EncryptionAtRest.html ref: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.Encryption.html#Overview.Encryption.Determining

C is correct.

If Encryption is default in dynamodb . Then answer will be C. Access to dynamoDb table Right..

Encryption is AWS's responsibility.

C. Access to DynamoDB tables This means that customers are responsible for managing access control to their DynamoDB tables, including configuring IAM policies, roles, and permissions to ensure that only authorized users or services can interact with the tables. This responsibility involves setting up appropriate authentication and authorization mechanisms to protect the data stored in DynamoDB from unauthorized access.

C. Access to DynamoDB tables The customer is responsible for managing access control to their DynamoDB tables, including defining permissions, roles, and policies to control who can access the tables and what actions they can perform. This involves setting up appropriate IAM policies and roles to restrict access to authorized users and applications while adhering to security best practices.

Customers are responsible for managing their data (including encryption options), classifying their assets, and using IAM tools to apply the appropriate permissions.

The customer is responsible for: C. Access to DynamoDB tables

C = CORRECT

C because why should aws has the power to control who will access the tables..🫠

Under the AWS Shared Responsibility Model, the responsibility for certain aspects of a service is divided between AWS and the customer. Regarding Amazon DynamoDB: The customer is responsible for: C. Access to DynamoDB tables This means that the customer is responsible for managing and controlling access to their DynamoDB tables, including setting up appropriate IAM (Identity and Access Management) permissions and policies.

Under the AWS Shared Responsibility Model, the responsibility for certain aspects of a service is divided between AWS and the customer. Regarding Amazon DynamoDB: The customer is responsible for: C. Access to DynamoDB tables This means that the customer is responsible for managing and controlling access to their DynamoDB tables, including setting up appropriate IAM (Identity and Access Management) permissions and policies. AWS is responsible for: A. Physical security of DynamoDB B. Patching of DynamoDB D. Encryption of data at rest in DynamoDB AWS takes care of the physical infrastructure, patches and updates the DynamoDB service, and provides encryption mechanisms for data at rest. It's important for customers to be aware of their responsibilities and configure access controls accordingly to ensure the security of their DynamoDB tables.

https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Introduction.html#:~:text=DynamoDB%20also%20offers%20encryption%20at%20rest%2C%20which%20eliminates%20the%20operational%20burden%20and%20complexity%20involved%20in%20protecting%20sensitive%20data.%20For%20more%20information%2C%20see%20DynamoDB%20encryption%20at%20rest.

AWS database managed services already implement encryption at rest: https://aws.amazon.com/pm/dynamodb/?gclid=Cj0KCQiA4Y-sBhC6ARIsAGXF1g62nH-xwU3jA3Rijthg64iin_6g_SPOgCaHCeCDs1A7S1s6SxMbnfgaAt4AEALw_wcB&trk=bf64c969-685f-4fc4-b36b-4bcbda56cee7&sc_channel=ps&ef_id=Cj0KCQiA4Y-sBhC6ARIsAGXF1g62nH-xwU3jA3Rijthg64iin_6g_SPOgCaHCeCDs1A7S1s6SxMbnfgaAt4AEALw_wcB:G:s&s_kwcid=AL!4422!3!536324221413!p!!g!!dynamodb!12195830303!119606857400

C is correct

The answer is C. Access to DynamoDB tables. Within the AWS Shared Responsibility Model, Amazon is responsible for the physical security of DynamoDB, patching DynamoDB, and encrypting non-active data in DynamoDB. Customers are responsible for accessing DynamoDB tables.

C. Access to DynamoDB tables Under the AWS Shared Responsibility Model, customers are responsible for managing access to their resources, including controlling who has access to their Amazon DynamoDB tables. This involves setting up and configuring AWS Identity and Access Management (IAM) policies to control authentication and authorization for DynamoDB.