AWS Certified Security - Specialty
Get started today
Ultimate access to all questions.
A company is developing an e-commerce application that utilizes Amazon EC2 instances and an Amazon RDS MySQL database. Due to compliance requirements, the company must ensure that data is secured both in transit and at rest. The company is looking for a solution that not only meets these security requirements but also minimizes operational overhead and cost. Which of the following solutions would be the most appropriate for this scenario?
A company is developing an e-commerce application that utilizes Amazon EC2 instances and an Amazon RDS MySQL database. Due to compliance requirements, the company must ensure that data is secured both in transit and at rest. The company is looking for a solution that not only meets these security requirements but also minimizes operational overhead and cost. Which of the following solutions would be the most appropriate for this scenario?
Explanation:
The correct answer is A. This option uses TLS certificates from AWS Certificate Manager (ACM) with an Application Load Balancer to secure data in transit. It also ensures that the database client software uses a TLS connection to Amazon RDS, and enables encryption of the RDS DB instance as well as the Amazon Elastic Block Store (Amazon EBS) volumes that support the EC2 instances. This approach fulfills the requirement to secure data both in transit and at rest, while minimizing operational overhead and cost. Other options involve either unnecessary complexity, additional cost, or are irrelevant to the requirements.