PrepAway - Latest Free Exam Questions & Answers

Which of these is a violation of this policy?

You are creating an application which stores extremely sensitive financial information. All information in the system must
be encrypted at rest and in transit. Which of these is a violation of this policy?

PrepAway - Latest Free Exam Questions & Answers

A.
ELB SSL termination.

B.
ELB Using Proxy Protocol v1.

C.
CloudFront Viewer Protocol Policy set to HTTPS redirection.

D.
Telling S3 to use AES256 on the server-side.

Explanation:
Terminating SSL terminates the security of a connection over HTTP, removing the S for “Secure” in HTTPS. This violates
the “encryption in transit” requirement in the scenario.
http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-listener-config.html

2 Comments on “Which of these is a violation of this policy?

  1. leonli says:

    it’s kind of tricky. ELB can terminate the incoming SSL and establish another ssl connection with the backed instances with CA or self signed cert.
    However the other answers seems all fine. So may still be A.




    0



    0

Leave a Reply

Your email address will not be published. Required fields are marked *