Answer-first summary for fast verification
Answer: Encrypt SNS components, set key policies for authorized access, and enforce TLS for encrypted connections., Apply server-side encryption to SQS with a customer-managed KMS key, set key policies, and enforce encrypted connections via queue policies.
The correct answers are C and D because they collectively meet the requirements of encrypting data at rest and in transit, and ensuring access control for authorized personnel only. Option C involves encrypting the SNS components, updating key policies for access control, and enforcing encrypted connections using TLS which secures the data in transit and at rest. Option D includes applying server-side encryption for SQS using an AWS KMS customer-managed key and setting key policies for access control, in addition to enforcing encrypted connections for SQS through queue policies, meeting the same criteria.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
A hospital is developing a symptom data collection application using Amazon SQS and SNS. The solutions architect must ensure data is encrypted in transit and at rest, and access is restricted to authorized personnel. What steps should be taken to meet these requirements?
A
Enable server-side encryption for SQS and set key policies for authorized access.
B
Implement server-side encryption for SNS using a customer-managed AWS KMS key.
C
Encrypt SNS components, set key policies for authorized access, and enforce TLS for encrypted connections.
D
Apply server-side encryption to SQS with a customer-managed KMS key, set key policies, and enforce encrypted connections via queue policies.