A banking company is currently using an Amazon Redshift cluster with dense storage (DS) nodes to store sensitive data. An audit found that the cluster is unencrypted. Compliance requirements state that a database with sensitive data must be encrypted through a hardware security module (HSM) with automated key rotation. Which combination of steps is required to achieve compliance? (Choose two.) A. Set up a trusted connection with HSM using a client and server certificate with automatic key rotation. B. Modify the cluster with an HSM encryption option and automatic key rotation. C. Create a new HSM-encrypted Amazon Redshift cluster and migrate the data to the new cluster. D. Enable HSM with key rotation through the AWS CLI. E. Enable Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) encryption in the HSM.  Suggested Answer: BD Community Answer: AC Reference: https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-db-encryption.html This question is in DAS-C01 AWS Certified Data Analytics – Specialty Exam For getting AWS Certified Data Analytics – Specialty Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Amazon. Trademarks, certification & product names are used for reference only and belong to Amazon. The website does not contain actual questions and answers from Amazon's Certification Exam.
Please login or Register to submit your answer