A company has an application that uses an Amazon RDS PostgreSQL database. The company is developing an application feature that will store sensitive information for an individual in the database. During a security review of the environment, the company discovers that the RDS DB instance is not encrypting data at rest. The company needs a solution that will provide encryption at rest for all the existing data and for any new data that is entered for an individual. Which combination of options can the company use to meet these requirements? (Choose two.)
A) Create a snapshot of the DB instance. Copy the snapshot to a new snapshot, and enable encryption for the copy process. Use the new snapshot to restore the DB instance.
B) Modify the configuration of the DB instance by enabling encryption. Create a snapshot of the DB instance. Use the snapshot to restore the DB instance.
C) Use AWS Key Management Service (AWS KMS) to create a new default AWS managed aws/rds key. Select this key as the encryption key for operations with Amazon RDS.
D) Use AWS Key Management Service (AWS KMS) to create a new CMK. Select this key as the encryption key for operations with Amazon RDS.
E) Create a snapshot of the DB instance. Enable encryption on the snapshot. Use the snapshot to restore the DB instance.
Correct Answer:
Verified
Q285: A company stores images for a website
Q286: A development team is using an AWS
Q287: A company deployed an Amazon EC2 instance
Q288: A company is using AWS Organizations to
Q289: Example.com is hosted on Amazon EC2 instance
Q290: Unapproved changes were previously made to a
Q291: A company has implemented AWS WAF and
Q292: Amazon GuardDuty has detected communications to a
Q293: A company uses Amazon RDS for MySQL
Q295: A developer is building a serverless application
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents