nerdexam
ExamsDBS-C01Questions#222
AmazonAmazon

DBS-C01 · Question #222

DBS-C01 Question #222: Real Exam Question with Answer & Explanation

The correct answer is C: Create a snapshot of the unencrypted DB instance. Encrypt the snapshot by using an AWS Key. https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.Encryption.html

Submitted by zhang_li· Mar 6, 2026Database Security

Question

A company has a database fleet that includes an Amazon RDS for MySQL DB instance. During an audit, the company discovered that the data that is stored on the DB instance is unencrypted. A database specialist must enable encryption for the DB instance. The database specialist also must encrypt all connections to the DB instance. Which combination of actions should the database specialist take to meet these requirements? (Choose three.)

Options

  • AIn the RDS console, choose "Enable encryption" to encrypt the DB instance by using an AWS
  • BEncrypt the read replica of the unencrypted DB instance by using an AWS Key Management
  • CCreate a snapshot of the unencrypted DB instance. Encrypt the snapshot by using an AWS Key
  • DRequire SSL connections for applicable database user accounts.
  • EUse SSL/TLS from the application to encrypt a connection to the DB instance.
  • FEnable SSH encryption on the DB instance.

Explanation

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.Encryption.html

Topics

#RDS MySQL#Encryption at rest#Encryption in transit#Snapshot encryption#SSL/TLS

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full DBS-C01 PracticeBrowse All DBS-C01 Questions