A banking company is currently using Amazon Redshift for sensitive data. An audit found that the current cluster is unencrypted. Compliance requires that a database with sensitive data must be encrypted using a hardware security module (HSM) with customer managed keys. Which modifications are required in the cluster to ensure compliance? A. Create a new HSM-encrypted Amazon Redshift cluster and migrate the data to the new cluster. B. Modify the DB parameter group with the appropriate encryption settings and then restart the cluster. C. Enable HSM encryption in Amazon Redshift using the command line. D. Modify the Amazon Redshift cluster from the console and enable encryption using the HSM option.  Suggested Answer: A Community Answer: A When you modify your cluster to enable AWS KMS encryption, Amazon Redshift automatically migrates your data to a new encrypted cluster. Reference: https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-db-encryption.html This question is in DAS-C01 AWS Certified Data Analytics – Specialty Exam For getting AWS Certified Data Analytics – Specialty Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Amazon. Trademarks, certification & product names are used for reference only and belong to Amazon. The website does not contain actual questions and answers from Amazon's Certification Exam.
Please login or Register to submit your answer
