A company's on-premises networks are connected to VPCs using an AWS Direct Connect gateway. The company's on-premises application needs to stream data using an existing Amazon Kinesis Data Firehose delivery stream. The company's security policy requires that data be encrypted in transit using a private network. How should the company meet these requirements?
A) Create a VPC endpoint for Kinesis Data Firehose. Configure the application to connect to the VPC endpoint.
B) Configure an IAM policy to restrict access to Kinesis Data Firehose using a source IP condition. Configure the application to connect to the existing Firehose delivery stream.
C) Create a new TLS certificate in AWS Certificate Manager (ACM) . Create a public-facing Network Load Balancer (NLB) and select the newly created TLS certificate. Configure the NLB to forward all traffic to Kinesis Data Firehose. Configure the application to connect to the NLB.
D) Peer the on-premises network with the Kinesis Data Firehose VPC using Direct Connect. Configure the application to connect to the existing Firehose delivery stream.
Correct Answer:
Verified
Q279: A company is hosting a web application
Q280: A company plans to create individual child
Q281: A company needs its Amazon Elastic Block
Q282: A security engineer must develop an encryption
Q283: A company has a serverless application for
Q285: A company stores images for a website
Q286: A development team is using an AWS
Q287: A company deployed an Amazon EC2 instance
Q288: A company is using AWS Organizations to
Q289: Example.com is hosted on Amazon EC2 instance
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents