SCS-C02 · Question #146
SCS-C02 Question #146: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C02 to reveal the answer and full explanation for question #146. The question stem and answer options stay visible for context.
Question
A company is designing a new application stack. The design includes web servers and backend servers that are hosted on Amazon EC2 instances. The design also includes an Amazon Aurora MySQL DB cluster. The EC2 instances are in an Auto Scaling group that uses launch templates. The EC2 instances for the web layer and the backend layer are backed by Amazon Elastic Block Store (Amazon EBS) volumes. No layers are encrypted at rest A security engineer needs to implement encryption at rest. Which combination of steps will meet these requirements? (Choose two.)
Options
- AModify EBS default encryption settings in the target AWS Region to enable encryption. Use an
- BModify the launch templates for the web layer and the backend layer to add AWS Certificate
- CCreate a new AWS Key Management Service (AWS KMS) encrypted DB cluster from a snapshot
- DApply AWS Key Management Service (AWS KMS) encryption to the existing DB cluster.
- EApply AWS Certificate Manager (ACM) encryption to the existing DB cluster.
Unlock SCS-C02 to see the answer
You've previewed enough free SCS-C02 questions. Unlock SCS-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.