AWS Certified Solutions Architect Associate SAA-C03 Practice Question
An organization is deploying a web application on a scalable cloud infrastructure. They need to ensure all communications between the web browsers of their clients and the servers are encrypted. Which approach would be the MOST appropriate to guarantee encryption of the data being transmitted over the internet?
Utilize automated server-side encryption in the storage layer to secure data before it leaves the cloud environment.
Provision, manage, and automate the renewal of SSL/TLS certificates for deploying on load balancers and content delivery networks.
Incorporate a key management service to generate encryption keys used to manually encrypt data before transmission over the internet.
Implement custom encryption in the application code to handle encryption before sending data over the network.
Utilizing a service to provision, manage, and deploy public SSL/TLS certificates enables secure HTTPS connections, a standard protocol for encrypted communication over the internet. This service is responsible for the encryption of data in transit by facilitating SSL/TLS protocols, which is a necessity for the encryption of web traffic. This ensures that data is secure while being transmitted. Options related to key management systems and client-side or server-side encryption generally refer to protecting data at rest or providing encryption tools within the application but are not directly related to establishing secure browser to server communication.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are SSL and TLS, and how do they contribute to web security?
Open an interactive chat with Bash
What is the purpose of load balancers in a cloud infrastructure?
Open an interactive chat with Bash
What is the difference between encryption at rest and encryption in transit?