Answer-first summary for fast verification
Answer: By creating an encrypted snapshot, sharing it with the auditor, and providing access to the AWS KMS encryption key.
The most secure way to share the Amazon RDS database with an external auditor is by creating an encrypted snapshot of the database and sharing that snapshot with the auditor. This ensures the data remains encrypted during transit and at rest. Additionally, by allowing access to the AWS Key Management Service (AWS KMS) encryption key, you can maintain control over who can decrypt and access the data. Other methods do not provide the same level of security or require more complex setup and maintenance.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
How can a company securely share an Amazon RDS database in a private subnet with an external auditor who requires a copy and has a separate AWS account?
A
By creating a read replica and setting up IAM authentication for the auditor.
B
By exporting the database to text files in an S3 bucket and granting the auditor access via a new IAM user.
C
By copying a database snapshot to S3 and providing the auditor access through shared IAM user credentials.
D
By creating an encrypted snapshot, sharing it with the auditor, and providing access to the AWS KMS encryption key.
No comments yet.