nerdexam
GIAC

GSEC · Question #275

GSEC Question #275: Real Exam Question with Answer & Explanation

The correct answer is A. Certificate Manager. AWS Certificate Manager (ACM) is the service that provisions, manages, and automatically renews TLS/SSL certificates used with AWS services including Amazon API Gateway.

Question

Which AWS service integrates with the Amazon API Gateway to provision and renew TLS encryption needs for data in transit?

Options

  • ACertificate Manager
  • BKey Management Server
  • CWeb Application firewall
  • DSecurity Token Service

Explanation

AWS Certificate Manager (ACM) is the service that provisions, manages, and automatically renews TLS/SSL certificates used with AWS services including Amazon API Gateway.

Common mistakes.

  • B. AWS Key Management Service (KMS) manages cryptographic keys for encrypting data at rest and in application workflows, but does not provision or renew TLS certificates for transit encryption.
  • C. AWS WAF (Web Application Firewall) filters and monitors HTTP/S requests for malicious traffic but has no role in managing TLS certificates or handling encryption provisioning.
  • D. AWS Security Token Service (STS) issues temporary, limited-privilege credentials for IAM identities and has no function related to TLS certificate provisioning or renewal.

Concept tested. AWS Certificate Manager TLS integration with API Gateway

Reference. https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GSEC Practice