Multiple Choice
A company is running a highly sensitive application on Amazon EC2 backed by an Amazon RDS database. Compliance regulations mandate that all personally identifiable information (PII) be encrypted at rest. Which solution should a solutions architect recommend to meet this requirement with the LEAST amount of changes to the infrastructure?
A) Deploy AWS Certificate Manager to generate certificates. Use the certificates to encrypt the database volume.
B) Deploy AWS CloudHSM, generate encryption keys, and use the customer master key (CMK) to encrypt database volumes.
C) Configure SSL encryption using AWS Key Management Service customer master keys (AWS KMS CMKs) to encrypt database volumes.
D) Configure Amazon Elastic Block Store (Amazon EBS) encryption and Amazon RDS encryption with AWS Key Management Service (AWS KMS) keys to encrypt instance and database volumes.
Correct Answer:
Verified
Correct Answer:
Verified
Q399: A company has deployed a multiplayer game
Q400: A recently acquired company is required to
Q401: A solutions architect must design a solution
Q402: A company has an ecommerce application that
Q403: A company is Re-architecting a strongly coupled
Q405: A recent analysis of a company's IT
Q406: A Solutions Architect must design a web
Q407: A company provides an API to its
Q408: A company is building its web application
Q409: A company hosts a static website on-premises