Answer-first summary for fast verification
Answer: Implementing client-side encryption for data prior to S3 upload.
The correct answer is option A: Implementing client-side encryption for data prior to S3 upload. This ensures that the data is encrypted at rest before it is uploaded to Amazon S3. Additionally, the data is encrypted in transit if the client-side encryption mechanism is implemented correctly. With client-side encryption, the data is encrypted by the client before it is sent to S3, making sure it remains secure both at rest and during transit.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
How can a solutions architect ensure that log data stored in Amazon S3 buckets within a centralized AWS account is encrypted both at rest and in transit?
A
Implementing client-side encryption for data prior to S3 upload.
B
Utilizing server-side encryption for data as it is uploaded to S3.
C
Establishing bucket policies enforcing server-side encryption with S3-managed keys (SSE-S3).
D
Activating a default encryption setting using an AWS KMS key for S3 bucket encryption.