Free Preparation Discussions
MENU
Amazon Exam SAA-C03 Topic 4 Question 44 Discussion
Topic #: 4
A company has a three-tier environment on AWS that ingests sensor data from its users' devices The traffic flows through a Network Load Balancer (NIB) then to Amazon EC2 instances for the web tier and finally to EC2 instances for the application tier that makes database calls
What should a solutions architect do to improve the security of data in transit to the web tier?
A: How do you protect your data in transit?
Best Practices:
Implement secure key and certificate management: Store encryption keys and certificates securely and rotate them at appropriate time intervals while applying strict access control; for example, by using a certificate management service, such as AWS Certificate Manager (ACM).
Enforce encryption in transit: Enforce your defined encryption requirements based on appropriate standards and recommendations to help you meet your organizational, legal, and compliance requirements.
Automate detection of unintended data access: Use tools such as GuardDuty to automatically detect attempts to move data outside of defined boundaries based on data classification level, for example, to detect a trojan that is copying data to an unknown or untrusted network using the DNS protocol.
Authenticate network communications: Verify the identity of communications by using protocols that support authentication, such as Transport Layer Security (TLS) or IPsec.
https://wa.aws.amazon.com/wat.question.SEC_9.en.html
Raina
5 months agoJeniffer
4 months agoArtie
4 months agoJustine
4 months agoAlline
5 months agoRoyce
5 months agoAvery
5 months agoAlline
5 months agoAdria
5 months agoVirgie
3 months agoCheryl
3 months agoCherri
4 months agoFrancene
4 months agoHector
5 months agoMichal
5 months agoHarrison
4 months agoKristofer
4 months agoMaynard
4 months agoLai
5 months agoRoyce
6 months agoTambra
6 months agoRasheeda
5 months agoMickie
5 months ago