DAS-C01 · Question #43
DAS-C01 Question #43: Real Exam Question with Answer & Explanation
Sign in or unlock DAS-C01 to reveal the answer and full explanation for question #43. The question stem and answer options stay visible for context.
Question
A banking company is currently using an Amazon Redshift cluster with dense storage (DS) nodes to store sensitive data. An audit found that the cluster is unencrypted. Compliance requirements state that a database with sensitive data must be encrypted through a hardware security module (HSM) with automated key rotation. Which combination of steps is required to achieve compliance? (Choose two.)
Options
- ASet up a trusted connection with HSM using a client and server certificate with automatic key
- BModify the cluster with an HSM encryption option and automatic key rotation.
- CCreate a new HSM-encrypted Amazon Redshift cluster and migrate the data to the new cluster.
- DEnable HSM with key rotation through the AWS CLI.
- EEnable Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) encryption in the HSM.
Unlock DAS-C01 to see the answer
You've previewed enough free DAS-C01 questions. Unlock DAS-C01 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.