Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon Exam DBS-C01 Topic 1 Question 89 Discussion

Actual exam question for Amazon's DBS-C01 exam
Question #: 89
Topic #: 1
[All DBS-C01 Questions]

A retail company is about to migrate its online and mobile store to AWS. The company's CEO has strategic plans to grow the brand globally. A Database Specialist has been challenged to provide predictable read and write database performance with minimal operational overhead.

What should the Database Specialist do to meet these requirements?

Show Suggested Answer Hide Answer
Suggested Answer: B

According to the Amazon Redshift documentation1, you can enable database encryption for your clusters to help protect data at rest. You can use either AWS Key Management Service (AWS KMS) or a hardware security module (HSM) to manage the top-level encryption keys in this hierarchy. The process that Amazon Redshift uses for encryption differs depending on how you manage keys.

To copy encrypted snapshots across Regions, you need to create a snapshot copy grant in the destination Region and specify a CMK in that Region. You also need to configure cross-Region snapshots in the source Region and provide the destination Region, the snapshot copy grant, and retention periods for the snapshots. This way, you can automate the process of backing up the cluster data in compliance with the corporate policies.


by Alishia at Apr 11, 2024, 12:53 PM

Limited Time Offer

25%

Off

Get Premium DBS-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Mitzie
9 months ago
That's a good point. Maybe option C is the way to go after all.
upvoted 0 times
...
Noe
9 months ago
That's true, but configuring cross-Region snapshots with S3 replication in option C provides redundancy.
upvoted 0 times
...
Berry
10 months ago
But wouldn't copying the KMS key to the destination Region be more secure?
upvoted 0 times
...
Mitzie
10 months ago
I'm leaning towards option D because it seems simpler to manage.
upvoted 0 times
...
Noe
10 months ago
I disagree, I believe option C is more suitable for our needs.
upvoted 0 times
...
Berry
10 months ago
I think option B is the best choice.
upvoted 0 times
...
Jacki
10 months ago
I think option C is the most secure option as it involves replicating the snapshots with specified KMS key IDs.
upvoted 0 times
...
Catina
10 months ago
But with option C, we can use EventBridge to automate the process with Lambda function.
upvoted 0 times
...
Matt
10 months ago
I prefer option A. It's more straightforward to copy the key and use AWS Glue job.
upvoted 0 times
...
Frederic
11 months ago
I agree with Option C seems to be the most efficient solution.
upvoted 0 times
...
Catina
11 months ago
I think option C is the best choice.
upvoted 0 times
...
An
1 years ago
Yeah, I like the elegance of option C as well. Leveraging existing AWS services like Eventbridge, Lambda, and S3 replication makes a lot of sense here.
upvoted 0 times
...
Levi
1 years ago
I'm leaning towards option C. Using EventBridge and Lambda to automate the snapshot process, along with S3 Cross-Region Replication, seems like a robust and comprehensive solution.
upvoted 0 times
...
Edna
1 years ago
Hmm, I'm leaning towards option C. Copying the KMS key to the destination region and using S3 Cross-Region Replication seems like a robust and automated solution.
upvoted 0 times
Kristal
11 months ago
I agree, it's important to have a secure and automated backup process in place.
upvoted 0 times
...
Rosendo
11 months ago
Yeah, having the KMS key in both regions and using Lambda to copy the snapshots sounds efficient.
upvoted 0 times
...
Jaime
11 months ago
Option C seems like a good choice. Using S3 Cross-Region Replication can help automate the process.
upvoted 0 times
...
...
Willodean
1 years ago
I agree. The key is to properly set up the KMS keys and configure the cross-region snapshot replication. It's a good thing they're giving us multiple options to consider.
upvoted 0 times
...
Willie
1 years ago
You know, I'm a little concerned about the complexity of some of these solutions. Wouldn't it be simpler to just backup to an S3 bucket and let S3 handle the encryption and replication?
upvoted 0 times
...
Suzan
1 years ago
That's a good point. Option D does seem more straightforward in terms of the key management. But I'm not sure if that fully meets the requirement of using 'customer-managed' keys in both regions.
upvoted 0 times
...
Leslee
1 years ago
I think option B is the way to go. Creating a new KMS key in the destination Region and configuring cross-Region snapshots seems like the most straightforward approach.
upvoted 0 times
...
Buddy
1 years ago
Oh man, I hope they don't ask us to explain the intricacies of AWS KMS and cross-Region replication. That stuff always makes my head spin.
upvoted 0 times
Marci
11 months ago
Option D could work too, as long as the CMK is properly configured.
upvoted 0 times
...
Lezlie
11 months ago
D
upvoted 0 times
...
Josefa
12 months ago
I'm leaning towards option C because it involves using Amazon EventBridge and S3 Cross-Region Replication.
upvoted 0 times
...
Arlene
12 months ago
C
upvoted 0 times
...
Timothy
12 months ago
But option A also seems like a viable solution.
upvoted 0 times
...
Julio
12 months ago
A
upvoted 0 times
...
Glennis
12 months ago
I think option B sounds like the best choice.
upvoted 0 times
...
Wilford
12 months ago
B
upvoted 0 times
...
...
Yvonne
1 years ago
Hmm, this is a tricky one. We need to make sure the backup process is fully automated and complies with the company's data encryption and disaster recovery policies.
upvoted 0 times
...
Mariko
1 years ago
This is a great question that really tests our understanding of AWS Redshift backup and encryption best practices. I'm feeling confident about this one.
upvoted 0 times
...

Save Cancel