Amazon Exam DBS-C01 Topic 8 Question 75 Discussion

Actual exam question for Amazon's DBS-C01 exam

Question #: 75
Topic #: 8

A company has a database fleet that includes an Amazon RDS for MySQL DB instance. During an audit, the company discovered that the data that is stored on the DB instance is unencrypted.

A database specialist must enable encryption for the DB instance. The database specialist also must encrypt all connections to the DB instance.

Which combination of actions should the database specialist take to meet these requirements? (Choose three.)

AIn the RDS console, choose Enable encryption to encrypt the DB instance by using an AWS Key Management Service (AWS KMS) key.

BEncrypt the read replica of the unencrypted DB instance by using an AWS Key Management Service (AWS KMS) key. Fail over the read replica to the primary DB instance.

CCreate a snapshot of the unencrypted DB instance. Encrypt the snapshot by using an AWS Key Management Service (AWS KMS) key. Restore the DB instance from the encrypted snapshot. Delete the original DB instance.

DRequire SSL connections for applicable database user accounts.

EUse SSL/TLS from the application to encrypt a connection to the DB instance.

FEnable SSH encryption on the DB instance.

Show Suggested Answer

Suggested Answer: A, C, E

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.Encryption.html#Overview.Encryption.Enabling

by Josphine at May 27, 2023, 10:19 AM

Limited Time Offer

25%

Off

Get Premium DBS-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!