PrepAway - Latest Free Exam Questions & Answers

Which of the following methods can achieve this?

A company is storing data on Amazon Simple Storage Service (S3). The company’s security policy mandates
that data is encrypted at rest. Which of the following methods can achieve this? Choose 3 answers.

PrepAway - Latest Free Exam Questions & Answers

A.
Use Amazon S3 server-side encryption with AWS Key Management Service managed keys.

B.
Use Amazon S3 server-side encryption with customer-provided keys.

C.
Use Amazon S3 server-side encryption with EC2 key pair.

D.
Use Amazon S3 bucket policies to restrict access to the data at rest.

E.
Encrypt the data on the client-side before ingesting to Amazon S3 using their own master key.

F.
Use SSL to encrypt the data while in transit to Amazon S3.

Explanation:
http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html

One Comment on “Which of the following methods can achieve this?

  1. Harichowdary says:

    A , B , E is correct ,Because we can do encryption using server side from KMS ,custom key

    before sending data to server we can also encrypted from client side




    0



    0

Leave a Reply

Your email address will not be published. Required fields are marked *