SOA-C02 · Question #82
SOA-C02 Question #82: Real Exam Question with Answer & Explanation
The correct answer is D: S3 objects within a bucket. To enable encryption for S3 objects within a bucket, you can enable default encryption on the S3 bucket. This ensures that all new objects uploaded to the bucket are automatically encrypted at rest. For existing objects, you can use S3's server-side encryption APIs or S3 Copy ope
Question
An existing, deployed solution uses Amazon EC2 instances with Amazon EBS General Purpose SSD volumes, am Amazon RDS PostgreSQL database, an Amazon EFS file system, and static objects stored in an Amazon S3 bucket. The Security team now mandates that at-rest encryption be turned on immediately for all aspects of the application, without creating new resources and without any downtime. To satisfy the requirements, which one of these services can the SysOps Administrator enable at- rest encryption on?
Options
- AEBS General Purpose SSD volumes
- BRDS PostgreSQL database
- CAmazon EFS file systems
- DS3 objects within a bucket
Explanation
To enable encryption for S3 objects within a bucket, you can enable default encryption on the S3 bucket. This ensures that all new objects uploaded to the bucket are automatically encrypted at rest. For existing objects, you can use S3's server-side encryption APIs or S3 Copy operation with encryption options to re-upload the objects with encryption enabled.
Community Discussion
No community discussion yet for this question.