Q: To meet security requirements, a company needs to encrypt a...

Question 301

To meet security requirements, a company needs to encrypt all of its application data in transit while communicating with an Amazon RDS MySQL DB instance. A recent security audit revealed that encryption at rest is enabled using AWS Key Management Service (AWS KMS), but data in transit is not enabled. What should a solutions architect do to satisfy the security requirements?

A. Enable IAM database authentication on the database.

B. Provide self-signed certificates. Use the certificates in all connections to the RDS instance.

C. Take a snapshot of the RDS instance. Restore the snapshot to a new instance with encryption enabled.

D. Download AWS-provided root certificates. Provide the certificates in all connections to the RDS instance.

Question 301

Comments

Leave a Comment