Amazon Exam DAS-C01 Topic 4 Question 2 Discussion

Actual exam question for Amazon's DAS-C01 exam

Question #: 2
Topic #: 4

A banking company is currently using an Amazon Redshift cluster with dense storage (DS) nodes to store sensitive dat

a. An audit found that the cluster is unencrypted. Compliance requirements state that a database with sensitive data must be encrypted through a hardware security module (HSM) with automated key rotation.

Which combination of steps is required to achieve compliance? (Choose two.)

ASet up a trusted connection with HSM using a client and server certificate with automatic key rotation.

BModify the cluster with an HSM encryption option and automatic key rotation.

CCreate a new HSM-encrypted Amazon Redshift cluster and migrate the data to the new cluster.

DEnable HSM with key rotation through the AWS CLI.

EEnable Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) encryption in the HSM.

Show Suggested Answer

Suggested Answer: B, D

https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-db-encryption.html

by Lenna at May 03, 2022, 03:09 PM

Limited Time Offer

25%

Off

Get Premium DAS-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Man Mohan Sharma

4 years ago

A, B

upvoted 1 times

...