Which combination of actions should be taken to accomplish this?

By:
On:
In: SOA-C01
Tagged:
With: 0 Comments
A Development team is designing an application that processes sensitive information within a hybrid deployment.The team needs to ensure the application data is protected both in transit and at rest.

Which combination of actions should be taken to accomplish this?

(Choose two.)

Use a VPN to set up a tunnel between the on-premises data center and the AWS resources

Use AWS Certificate Manager to create TLS/SSL certificates

Use AWS CloudHSM to encrypt the data

Use AWS KMS to create TLS/SSL certificates

Use AWS KMS to manage the encryption keys used for data encryption

Explanations:

Using a VPN to set up a tunnel between the on-premises data center and AWS ensures secure communication, protecting data in transit.

AWS Certificate Manager is used to manage SSL/TLS certificates but does not directly address encryption at rest or the secure management of keys.

AWS CloudHSM is used for hardware security module (HSM) services but does not directly address data encryption at rest or in transit for the application.

AWS KMS does not create TLS/SSL certificates. It is primarily used for key management and encryption operations.

AWS KMS is used to manage encryption keys, which is crucial for encrypting data both at rest and in transit.

Leave a Reply

Your email address will not be published. Required fields are marked *

five × 1 =