AmazonAmazon
SAA-C03 · Question #713
SAA-C03 Question #713: Real Exam Question with Answer & Explanation
Sign in or unlock SAA-C03 to reveal the answer and full explanation for question #713. The question stem and answer options stay visible for context.
Submitted by asante_acc· Mar 4, 2026Design Secure Architectures
Question
A healthcare company needs to encrypt patient data that is stored in an Amazon RDS for PostgreSQL DB instance to comply with regulations. The company must ensure that only specific IAM roles can manage the encryption keys and decrypt the data. Which solution will meet these requirements with the LEAST operational overhead?
Options
- AEnable RDS encryption with AWS managed keys (aws/rds). Update the DB instance to restrict
- BEnable RDS encryption with a customer-managed AWS KMS key. Configure a key policy that
- CCreate a custom encryption method at the application layer. Store the encryption keys in an
- DEnable RDS encryption at rest with the default AWS KMS key. Control access to the RDS DB
Unlock SAA-C03 to see the answer
You've previewed enough free SAA-C03 questions. Unlock SAA-C03 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.