Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon Exam SAA-C03 Topic 4 Question 44 Discussion

Actual exam question for Amazon's SAA-C03 exam
Question #: 44
Topic #: 4
[All SAA-C03 Questions]

A company has a three-tier environment on AWS that ingests sensor data from its users' devices The traffic flows through a Network Load Balancer (NIB) then to Amazon EC2 instances for the web tier and finally to EC2 instances for the application tier that makes database calls

What should a solutions architect do to improve the security of data in transit to the web tier?

Show Suggested Answer Hide Answer
Suggested Answer: A

A: How do you protect your data in transit?

Best Practices:

Implement secure key and certificate management: Store encryption keys and certificates securely and rotate them at appropriate time intervals while applying strict access control; for example, by using a certificate management service, such as AWS Certificate Manager (ACM).

Enforce encryption in transit: Enforce your defined encryption requirements based on appropriate standards and recommendations to help you meet your organizational, legal, and compliance requirements.

Automate detection of unintended data access: Use tools such as GuardDuty to automatically detect attempts to move data outside of defined boundaries based on data classification level, for example, to detect a trojan that is copying data to an unknown or untrusted network using the DNS protocol.

Authenticate network communications: Verify the identity of communications by using protocols that support authentication, such as Transport Layer Security (TLS) or IPsec.

https://wa.aws.amazon.com/wat.question.SEC_9.en.html


by Altha at Sep 08, 2024, 09:39 PM

Limited Time Offer

25%

Off

Get Premium SAA-C03 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Raina
2 months ago
Option A is the clear winner here. Throwing a TLS party on the NLB is the way to secure that data in transit! Woo-hoo!
upvoted 0 times
Jeniffer
1 months ago
User 3: TLS party on the NLB sounds like a plan! Let's secure that data in transit.
upvoted 0 times
...
Artie
1 months ago
I agree, setting up a TLS listener on the NLB will definitely improve security.
upvoted 0 times
...
Justine
2 months ago
Option A is definitely the way to go. TLS all the way!
upvoted 0 times
...
...
Alline
2 months ago
I see your point, but we should consider all options before making a decision
upvoted 0 times
...
Royce
2 months ago
That's true, but TLS encryption is a fundamental security measure
upvoted 0 times
...
Avery
2 months ago
But wouldn't AWS Shield Advanced and AWS WAF provide better protection?
upvoted 0 times
...
Alline
2 months ago
I agree with Royce, TLS encryption is the way to go
upvoted 0 times
...
Adria
2 months ago
Option D encrypting the EBS volumes is a good practice, but it doesn't address the security of the data in transit. Gotta go with Option A on this one.
upvoted 0 times
Virgie
25 days ago
Definitely, it's important to have that extra layer of security in place.
upvoted 0 times
...
Cheryl
26 days ago
That makes sense, securing the data in transit is crucial for the web tier.
upvoted 0 times
...
Cherri
1 months ago
Agreed, Option A with configuring a TLS listener and adding the server certificate on the NLB is the way to go.
upvoted 0 times
...
Francene
1 months ago
Option D encrypting the EBS volumes is a good practice, but it doesn't address the security of the data in transit.
upvoted 0 times
...
...
Hector
3 months ago
Changing to an Application Load Balancer and attaching WAF is a good idea, but it doesn't specifically target the security of data in transit. I'd go with Option A.
upvoted 0 times
...
Michal
3 months ago
Hmm, AWS Shield Advanced and WAF are great for DDoS protection, but they don't address the security of data in transit. I think Option A is the way to go.
upvoted 0 times
Harrison
1 months ago
Agreed, it's important to secure the data at every step of the process
upvoted 0 times
...
Kristofer
2 months ago
Definitely, it adds an extra layer of protection for the data flowing to the web tier
upvoted 0 times
...
Maynard
2 months ago
That makes sense, encrypting the data in transit is crucial for security
upvoted 0 times
...
Lai
2 months ago
Option A) Configure a TLS listener and add the server certificate on the NLB
upvoted 0 times
...
...
Royce
3 months ago
I think we should go with option A
upvoted 0 times
...
Tambra
3 months ago
Option A is the correct answer. Configuring a TLS listener and adding the server certificate on the NLB will ensure secure data transmission to the web tier.
upvoted 0 times
Rasheeda
2 months ago
That sounds like a good idea. It will improve the security of data in transit to the web tier.
upvoted 0 times
...
Mickie
3 months ago
I think we should configure a TLS listener and add the server certificate on the NLB.
upvoted 0 times
...
...

Save Cancel