An organization has a system in AWS that allows a large number of remote workers to submit data files. File sizes vary from a few kilobytes to several megabytes. A recent audit highlighted a concern that data files are not encrypted while in transit over untrusted networks. Which solution would remediate the audit finding while minimizing the effort required?
A) Upload an SSL certificate to IAM, and configure Amazon CloudFront with the passphrase for the private key.
B) Call KMS.Encrypt() in the client, passing in the data file contents, and call KMS.Decrypt() server-side. Call KMS.Encrypt() in the client, passing in the data file contents, and call KMS.Decrypt() server-side.
C) Use AWS Certificate Manager to provision a certificate on an Elastic Load Balancing in front of the web service's servers.
D) Create a new VPC with an Amazon VPC VPN endpoint, and update the web service's DNS record.
Correct Answer:
Verified
Q5: An application has a requirement to be
Q6: A Security Engineer must design a solution
Q7: A Security Administrator has a website hosted
Q8: A water utility company uses a number
Q9: A threat assessment has identified a risk
Q11: An organization policy states that all encryption
Q12: A company will store sensitive documents in
Q13: A Security Engineer launches two Amazon EC2
Q14: A Systems Engineer has been tasked with
Q15: A company wants to control access to
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents