AWS Certified Developer Associate DVA-C02 Practice Question
A company is looking to encrypt data at rest for their Amazon DynamoDB table, which contains sensitive information. They want to guarantee that the encryption does not affect the performance of their application. Which service should they use to accomplish this without managing server-side encryption themselves?
Implement client-side encryption before storing the data in the DynamoDB table
Force all connections to the DynamoDB table to use SSL/TLS
Create an IAM role with a policy that enforces encryption at rest
Enable Amazon DynamoDB's default encryption at rest using AWS managed keys
Using AWS managed encryption with Amazon DynamoDB provides transparent data encryption at rest without affecting the performance of the application. It uses AWS Key Management Service (AWS KMS) to manage the encryption keys, which eliminates the overhead of managing server-side encryption directly. While client-side encryption could also protect data at rest, it would add complexity to the application and could impact performance. Additionally, SSL/TLS ensures encryption in transit but does not encrypt data at rest, and IAM roles are used for access control and do not address encryption needs.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is AWS KMS and how does it relate to encryption?
Open an interactive chat with Bash
How does Amazon DynamoDB's default encryption at rest work?
Open an interactive chat with Bash
What is the difference between server-side and client-side encryption?
Open an interactive chat with Bash
AWS Certified Developer Associate DVA-C02
Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access