Which solution will meet these requirements?

A company is running its application on the most recent generation of hare metal Amazon EC2 instances.A developer is adding a low-latency computation feature to the application.The feature depends on highly sensitive personally identifiable information (PII).When computation occurs on unencrypted data, the feature needs to run in an isolated environment that provides CPU and memory isolation.

Which solution will meet these requirements?

Build and deploy the feature on the original EC2 instance store.

Add the now feature in the original application. Deploy the application on a Dedicated Host.

Package the now feature and deploy the now feature on AWS Lambda. Use AWS Key Management Service (AWS KMS) to encrypt and decrypt the PII.

Build and deploy the now feature as part of the original application. Run the feature on AWS Nitro Enclaves.

Explanations:

EC2 instance store is not suitable for isolating sensitive data. It does not provide the required CPU and memory isolation for handling highly sensitive personally identifiable information (PII).

A Dedicated Host provides physical server isolation but does not provide the level of isolation required for securely processing PII. Additionally, it does not offer a specific solution for low-latency computation or isolation of sensitive data.

AWS Lambda does not meet the requirement of low-latency computation as it is designed for event-driven workloads, and its execution environment does not offer the level of CPU and memory isolation required for handling PII securely.

AWS Nitro Enclaves provide a high level of isolation and security for processing highly sensitive data. They offer CPU and memory isolation and are specifically designed for running workloads that require the protection of sensitive data, making it the most appropriate solution.

Free study guides, practices test, sample questions

Which solution will meet these requirements?

Explanations:

1 Comment

Leave a Reply Cancel reply