Which encryption types can be used to protect objects at rest in Amazon S3?
(Choose two.)
Server-side encryption with Amazon S3 managed encryption keys (SSE-S3)
Server-side encryption with AWS KMS managed keys (SSE-KMS)
TLS
SSL
Transparent Data Encryption (TDE)
Explanations:
SSE-S3 uses Amazon S3 managed keys to automatically encrypt data at rest without user management.
SSE-KMS uses AWS Key Management Service to provide more control over encryption keys and policies for data at rest.
TLS is a protocol for securing data in transit, not for encrypting data at rest.
SSL is an older protocol for securing data in transit, similar to TLS, and does not apply to data at rest.
TDE is a feature of certain databases for encrypting data at rest but is not applicable to S3 directly.