Which of the following methods can achieve this?

A company is storing data on Amazon Simple Storage Service (S3).The company’s security policy mandates that data is encrypted at rest.

(Choose three.)

Use Amazon S3 server-side encryption with AWS Key Management Service managed keys.

Use Amazon S3 server-side encryption with customer-provided keys.

Use Amazon S3 server-side encryption with EC2 key pair.

Use Amazon S3 bucket policies to restrict access to the data at rest.

Encrypt the data on the client-side before ingesting to Amazon S3 using their own master key.

Use SSL to encrypt the data while in transit to Amazon S3.

Amazon S3 server-side encryption with AWS KMS managed keys encrypts data at rest using managed keys.

Amazon S3 server-side encryption with customer-provided keys allows users to specify their own keys for encryption at rest.

EC2 key pairs are not used for encrypting data at rest in S3; they are used for SSH access to EC2 instances.

Bucket policies control access to data but do not provide encryption; they manage permissions only.

Client-side encryption involves encrypting data before uploading it to S3, ensuring it is encrypted at rest.

SSL encrypts data in transit, not at rest; it secures the data as it travels to S3 but does not store it encrypted.

Learn & move to cloud