A customer is deploying an SSL enabled web application to AWS and would like to implement a separation of roles between the EC2 service administrators that are entitled to login to instances as well as making API calls and the security officers who will maintain and have exclusive access to the application's X.509 certificate that contains the private key.
A) Upload the certificate on an S3 bucket owned by the security officers and accessible only by EC2 Role of the web servers.
B) Configure the web servers to retrieve the certificate upon boot from an CloudHSM is managed by the security officers.
C) Configure system permissions on the web servers to restrict access to the certificate only to the authority security officers
D) Configure IAM policies authorizing access to the certificate store only to the security officers and terminate SSL on an ELB.
Correct Answer:
Verified
Q4: You are tasked with moving a legacy
Q5: What does elasticity mean to AWS?
A) The
Q6: You are designing Internet connectivity for your
Q7: Your company is storing millions of sensitive
Q8: Your company is in the process of
Q10: Your team has a tomcat-based Java application
Q11: A large real-estate brokerage is exploring the
Q12: You have deployed a web application targeting
Q13: You are designing the network infrastructure for
Q14: Your customer is willing to consolidate their
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents