Which tasks are the responsibility of the customer, according to the AWS shared responsibility model?
(Choose two.)
Patch the Amazon RDS operating system.
Upgrade the firmware of the network infrastructure.
Manage data encryption.
Maintain physical access control in an AWS Region.
Grant least privilege access to IAM users.
Explanations:
Amazon RDS is a managed service, and AWS is responsible for patching the underlying operating system. Customers do not need to manage this aspect.
The responsibility for upgrading firmware for network infrastructure falls under AWS, as they manage the hardware and network components in their data centers.
Customers are responsible for managing data encryption for their data, both at rest and in transit, including using AWS tools and services to implement encryption measures.
AWS is responsible for maintaining physical access control in its data centers. Customers do not have control over physical security in AWS Regions.
Customers are responsible for managing access permissions, including granting least privilege access to IAM users, to ensure that users have only the permissions necessary to perform their tasks.
To the best of my knowledge, the answer is:
Manage data encryption.