A company’s policies require that code be validated to ensure that the code has not been altered before invocation.A security engineer needs to update code in an AWS Lambda function.The developer has finalized the code and has stored the code in an Amazon S3 bucket.
Which combination of steps should the security engineer take to meet these requirements?
(Choose two.)
Deploy the new code in a zip file to the S3 bucket.
Invoke a signing job by using AWS Signer. Deploy the new signed code to the Lambda function.
Use AWS Key Management Service (AWS KMS) to encrypt the code.
Analyze the code with Amazon CodeGuru.
Store all passwords in AWS Secrets Manager.