Answer-first summary for fast verification
Answer: Use AWS KMS for encryption with EC2 role permissions, storing encrypted data in Amazon S3.
The correct answer is C. Using AWS KMS for encryption and storing the encrypted data on Amazon S3 meets the requirements of high security and data availability with the least operational overhead. AWS KMS provides a highly secure way to manage encryption keys and allows for seamless integration with other AWS services, including EC2. Moreover, Amazon S3 ensures high availability and durability for stored data. Option D, while also secure, involves Amazon EBS, which may not provide the same level of data availability as Amazon S3. Option A requires manual updates, adding more operational overhead, and option B involves creating and managing Lambda functions, which is more complex than leveraging built-in AWS services like KMS and S3.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
An EC2-based containerized application requires secure, near real-time encryption and decryption of certificates for communication with other business applications. Identify the solution with minimal operational overhead that also ensures encrypted data is stored in a highly available format.
A
Utilize AWS Secrets Manager for certificate encryption, with manual updates and IAM for access control.
B
Implement an AWS Lambda function with Python cryptography for encryption, stored in Amazon S3.
C
Use AWS KMS for encryption with EC2 role permissions, storing encrypted data in Amazon S3.
D
Employ AWS KMS for encryption with EC2 role permissions, storing encrypted data on Amazon EBS volumes.
No comments yet.