Multiple Choice
A Security Engineer must implement mutually authenticated TLS connections between containers that communicate inside a VPC. Which solution would be MOST secure and easy to maintain?
A) Use AWS Certificate Manager to generate certificates from a public certificate authority and deploy them to all the containers.
B) Create a self-signed certificate in one container and use AWS Secrets Manager to distribute the certificate to the other containers to establish trust.
C) Use AWS Certificate Manager Private Certificate Authority (ACM PCA) to create a subordinate certificate authority, then create the private keys in the containers and sign them using the ACM PCA API.
D) Use AWS Certificate Manager Private Certificate Authority (ACM PCA) to create a subordinate certificate authority, then use AWS Certificate Manager to generate the private certificates and deploy them to all the containers.
Correct Answer:
Verified
Correct Answer:
Verified
Q99: Auditors for a health care company have
Q100: A company has two AWS accounts, each
Q101: A company's Chief Security Officer has requested
Q102: Developers in an organization have moved from
Q103: The InfoSec team has mandated that in
Q105: To meet regulatory requirements, a Security Engineer
Q106: A company has several production AWS accounts
Q107: A company has a customer master key
Q108: A company is building an application on
Q109: A company plans to create individual child