AWS Certified Security - Specialty
Get started today
Ultimate access to all questions.
Your company is using Amazon API Gateway to expose its APIs to external clients. To ensure the confidentiality and integrity of data in transit, which of the following steps should you take?
Your company is using Amazon API Gateway to expose its APIs to external clients. To ensure the confidentiality and integrity of data in transit, which of the following steps should you take?
Explanation:
Encryption at rest (A) protects data when it is stored, but it does not protect data during transit. A VPN gateway (C) provides secure connectivity but does not encrypt the data itself. The correct approach (D) is to enable encryption in transit using SSL/TLS for all API calls to the API Gateway. This ensures that the data is encrypted and protected during transit between the clients and the API Gateway. Requiring TLS (B) is a part of this process, but the question specifically asks for steps to ensure confidentiality and integrity, which includes enabling SSL/TLS encryption.