Answer-first summary for fast verification
Answer: Use AWS CloudHSM to manage encryption keys, Amazon S3 server-side encryption for data at rest, and AWS Certificate Manager for TLS encryption in transit.
To meet the data security, key management, and compliance requirements, the software development company should use AWS CloudHSM (Cloud Hardware Security Module) to manage and rotate encryption keys with the highest level of security. Amazon S3 server-side encryption should be used to encrypt data at rest, and AWS Certificate Manager should be used to enable TLS encryption for data in transit. This combination of services provides a secure and compliant solution for protecting sensitive customer data and managing encryption keys.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
A software development company is building a cloud-based application that processes and stores sensitive customer data. They need to ensure that the data is encrypted at rest and in transit, and that the encryption keys are securely managed and rotated regularly. Additionally, they need to maintain compliance with industry regulations for data protection and auditing. Which combination of AWS services should they use?
A
Use AWS KMS to manage encryption keys, Amazon EFS for encrypted file storage, and AWS Certificate Manager for TLS encryption in transit.
B
Use AWS CloudHSM to manage encryption keys, Amazon S3 server-side encryption for data at rest, and AWS Certificate Manager for TLS encryption in transit.
C
Use AWS Secrets Manager to store and rotate encryption keys, Amazon RDS with encryption for data at rest, and AWS Global Accelerator for secure data transfer.
D
Use AWS KMS to manage encryption keys, Amazon EBS for encrypted data volumes, and AWS WAF for web application security.