AWS Certified Solutions Architect - Associate

Get started today

Ultimate access to all questions.

Quick Answer

Answer-first summary for fast verification

Answer: By creating a key in AWS KMS and enabling DB instance encryption.

The correct option is A. AWS Key Management Service (AWS KMS) allows you to create and manage encryption keys. Enabling encryption for RDS DB instances using AWS KMS ensures that your data at rest is securely encrypted. While options C and D discuss enabling SSL/TLS, these methods are used for encrypting data in transit, not data at rest. Option B involves using AWS Secrets Manager, which is not the appropriate service for managing data encryption keys in this scenario.

Author: LeetQuiz Editorial Team

Quick Answer

Answer-first summary for fast verification

Answer: By creating a key in AWS KMS and enabling DB instance encryption.

Author: LeetQuiz Editorial Team

Comments (0)

No comments yet.

How should a solutions architect ensure data at rest encryption for a company's Amazon RDS DB instances?

Exam-Like

By creating a key in AWS KMS and enabling DB instance encryption.

50.0%

By creating an encryption key, storing it in AWS Secrets Manager, and encrypting DB instances with it.

12.5%

By generating an ACM certificate and enabling SSL/TLS for DB instances.

25.0%

By generating an IAM certificate and enabling SSL/TLS for DB instances.

12.5%