SAP-C02 · Question #31
SAP-C02 Question #31: Real Exam Question with Answer & Explanation
The correct answer is B: Use Amazon S3 with a bucket policy to enforce https for connections to the bucket and to enforce. Use Amazon S3 with a bucket policy to enforce httpS for connections to the bucket and to enforce server-side encryption and AWS KMS for object encryption.
Question
A company is migrating an application to AWS. It wants to use fully managed services as much as possible during the migration. The company needs to store large, important documents within the application with the following requirements: 1. The data must be highly durable and available. 2. The data must always be encrypted at rest and in transit. 3. The encryption key must be managed by the company and rotated periodically. Which of the following solutions should the solutions architect recommend?
Options
- ADeploy the storage gateway to AWS in file gateway mode. Use Amazon EBS volume encryption
- BUse Amazon S3 with a bucket policy to enforce https for connections to the bucket and to enforce
- CUse Amazon DynamoDB with SSL to connect to DynamoDB. Use an AWS KMS key to encrypt
- DDeploy instances with Amazon EBS volumes attached to store this data. Use E8S volume
Explanation
Use Amazon S3 with a bucket policy to enforce httpS for connections to the bucket and to enforce server-side encryption and AWS KMS for object encryption.
Community Discussion
No community discussion yet for this question.