AWS Certified Developer Associate DVA-C02 Practice Question
A company is rolling out a new application on AWS that will handle sensitive customer information. The security team mandates that all customer data must be encrypted not only when stored (at rest) but also as it moves between services (in transit). Which of the following solutions should the development team implement to ensure compliance with the security team's mandate?
Apply strict IAM policies to control access to data but rely on the application to handle encryption.
Use built-in database encryption at rest and rely on network ACLs for data in transit.
Use Amazon S3 with Server-Side Encryption (SSE) and leverage HTTPS for data in transit.
Encrypt sensitive database columns at rest and ensure IAM policies for database access are in place.
Enforcing encryption at rest can be achieved by storing data using Amazon S3 with Server-Side Encryption (SSE) enabled, where Amazon handles the entire encryption process transparently. The data is decrypted for you when you access it. For encryption in transit, implementing HTTPS connections ensures data transferred between the client and servers is secured. While IAM policies do manage access, they do not directly encrypt data. Additionally, database column encryption only addresses data at rest and doesn't provide encryption in transit.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Server-Side Encryption (SSE) in Amazon S3?
Open an interactive chat with Bash
Why is HTTPS important for data in transit?
Open an interactive chat with Bash
What role do IAM policies play in data security on AWS?
Open an interactive chat with Bash
AWS Certified Developer Associate DVA-C02
Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access