Answer-first summary for fast verification
Answer: Encrypt EBS and Aurora storage at rest with AWS KMS and secure data in transit with an ACM certificate on the ALB.
The correct answer is C. This option specifies using AWS Key Management Service (AWS KMS) to encrypt the EBS volumes and Aurora database storage at rest, and attaching an AWS Certificate Manager (ACM) certificate to the Application Load Balancer (ALB) to encrypt data in transit. This approach ensures compliance with the requirement that all data be encrypted both at rest and in transit. Options A, B, and D either use incorrect services or incorrect implementation methods for fulfilling these requirements.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
A company is developing a web-based CRM application utilizing EC2 instances with EBS volumes and an ALB, along with an Amazon Aurora DB. The requirement is to ensure data encryption both at rest and in transit. Identify the solution that fulfills these criteria:
A
Implement AWS KMS for data transit encryption and ACM for encrypting EBS and Aurora storage at rest.
B
Log in with the AWS root account, upload encryption certificates, and enable encryption for all data at rest and in transit.
C
Encrypt EBS and Aurora storage at rest with AWS KMS and secure data in transit with an ACM certificate on the ALB.
D
Encrypt data at rest using BitLocker and import TLS keys into AWS KMS for attaching to the ALB for data transit encryption.
No comments yet.