DBS-C01 · Question #351
DBS-C01 Question #351: Real Exam Question with Answer & Explanation
Sign in or unlock DBS-C01 to reveal the answer and full explanation for question #351. The question stem and answer options stay visible for context.
Question
A healthcare company is running an application on Amazon EC2 in a public subnet and using Amazon DocumentDB (with MongoDB compatibility) as the storage layer. An audit reveals that the traffic between the application and Amazon DocumentDB is not encrypted and that the DocumentDB cluster is not encrypted at rest. A database specialist must correct these issues and ensure that the data in transit and the data at rest are encrypted. Which actions should the database specialist take to meet these requirements? (Choose two.)
Options
- ADownload the SSH RSA public key for Amazon DocumentDB. Update the application
- BDownload the SSL .pem public key for Amazon DocumentDAdd the key to the application
- CCreate a snapshot of the unencrypted cluster. Restore the unencrypted snapshot as a new
- DCreate an Amazon DocumentDB VPC endpoint to prevent the traffic from going to the Amazon
- EActivate encryption at rest using the modify-db-cluster command with the --storage-encrypted
Unlock DBS-C01 to see the answer
You've previewed enough free DBS-C01 questions. Unlock DBS-C01 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.