Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon Exam Amazon-DEA-C01 Topic 3 Question 8 Discussion

Actual exam question for Amazon's Amazon-DEA-C01 exam
Question #: 8
Topic #: 3
[All Amazon-DEA-C01 Questions]

A company hosts its applications on Amazon EC2 instances. The company must use SSL/TLS connections that encrypt data in transit to communicate securely with AWS infrastructure that is managed by a customer.

A data engineer needs to implement a solution to simplify the generation, distribution, and rotation of digital certificates. The solution must automatically renew and deploy SSL/TLS certificates.

Which solution will meet these requirements with the LEAST operational overhead?

Show Suggested Answer Hide Answer
Suggested Answer: B

The best solution for managing SSL/TLS certificates on EC2 instances with minimal operational overhead is to use AWS Certificate Manager (ACM). ACM simplifies certificate management by automating the provisioning, renewal, and deployment of certificates.

AWS Certificate Manager (ACM):

ACM manages SSL/TLS certificates for EC2 and other AWS resources, including automatic certificate renewal. This reduces the need for manual management and avoids operational complexity.

ACM also integrates with other AWS services to simplify secure connections between AWS infrastructure and customer-managed environments.


Alternatives Considered:

A (Self-managed certificates): Managing certificates manually on EC2 instances increases operational overhead and lacks automatic renewal.

C (Secrets Manager automation): While Secrets Manager can store keys and certificates, it requires custom automation for rotation and does not handle SSL/TLS certificates directly.

D (ECS Service Connect): This is unrelated to SSL/TLS certificate management and would not address the operational need.

AWS Certificate Manager Documentation

by Thurman at Dec 06, 2024, 02:47 PM

Limited Time Offer

25%

Off

Get Premium Amazon-DEA-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Filiberto
1 months ago
Option C might work, but it just seems like a lot of extra work when AWS Certificate Manager is right there. Why make things complicated?
upvoted 0 times
...
Mabel
1 months ago
Personally, I'm not a fan of option A. Self-managing certificates on EC2 instances sounds like a recipe for headaches down the line.
upvoted 0 times
Lavonda
8 days ago
That could work too, but ACM seems like the easier option.
upvoted 0 times
...
Demetra
12 days ago
D) Use Amazon Elastic Container Service (Amazon ECS) Service Connect.
upvoted 0 times
...
Rosalyn
25 days ago
I agree, using ACM would definitely simplify the process.
upvoted 0 times
...
Chantell
28 days ago
B) Use AWS Certificate Manager (ACM).
upvoted 0 times
...
...
Lawanda
2 months ago
Haha, I bet the person who came up with option D was just trying to be fancy. 'Amazon Elastic Container Service (Amazon ECS) Service Connect' - that's a mouthful!
upvoted 0 times
Lavonne
17 days ago
C: Definitely, no need for fancy names like option D.
upvoted 0 times
...
Nancey
19 days ago
B: Yeah, that sounds like the simplest option.
upvoted 0 times
...
Daren
1 months ago
A: B) Use AWS Certificate Manager (ACM).
upvoted 0 times
...
...
Launa
2 months ago
I agree, B is the way to go. No need to reinvent the wheel when AWS has a service that handles this for you.
upvoted 0 times
Artie
23 days ago
I agree, B is the way to go. No need to reinvent the wheel when AWS has a service that handles this for you.
upvoted 0 times
...
Ma
24 days ago
A) Store self-managed certificates on the EC2 instances.
upvoted 0 times
...
Louvenia
1 months ago
B) Use AWS Certificate Manager (ACM).
upvoted 0 times
...
...
Vivienne
2 months ago
Using ACM reduces operational overhead and ensures certificates are managed securely.
upvoted 0 times
...
Mona
2 months ago
Option B seems like the most straightforward solution. AWS Certificate Manager takes care of the hassle of managing certificates, and it's integrated with other AWS services.
upvoted 0 times
Tomoko
1 months ago
I agree, ACM is the way to go for managing certificates on AWS.
upvoted 0 times
...
Mike
1 months ago
B) Use AWS Certificate Manager (ACM).
upvoted 0 times
...
Loren
1 months ago
That sounds like a good choice. ACM can definitely simplify the process.
upvoted 0 times
...
Azalee
2 months ago
B) Use AWS Certificate Manager (ACM).
upvoted 0 times
...
...
Gearldine
2 months ago
But wouldn't storing self-managed certificates on EC2 instances be easier?
upvoted 0 times
...
Tasia
2 months ago
I agree with Vivienne, ACM can automatically renew and deploy SSL/TLS certificates.
upvoted 0 times
...
Vivienne
3 months ago
I think using AWS Certificate Manager (ACM) would be the best option.
upvoted 0 times
...

Save Cancel