Which option is a customer responsibility when using Amazon DynamoDB under the AWS Shared Responsibility Model?

Explanations:

Physical security of DynamoDB is managed by AWS, as it is part of the infrastructure layer that AWS controls. Customers do not have responsibility for the physical security of the data centers where DynamoDB is hosted.

Patching of DynamoDB is also AWS’s responsibility. AWS manages the underlying infrastructure, including software updates and patches for the service. Customers do not need to worry about patching DynamoDB itself.

Access to DynamoDB tables is the customer’s responsibility. Customers must manage user permissions and access controls using AWS Identity and Access Management (IAM) to secure their data and control who can access their DynamoDB resources.

While AWS provides features for encryption of data at rest in DynamoDB, the responsibility for implementing and managing those encryption settings falls on the customer. However, AWS manages the underlying infrastructure necessary for encryption.