A company conducted a security audit of its AWS infrastructure. The audit identified that data was not encrypted in transit between application servers and a
MySQL database that is hosted in Amazon RDS.
After the audit, the company updated the application to use an encrypted connection. To prevent this problem from occurring again, the company's database team needs to configure the database to require in-transit encryption for all connections.
Which solution will meet this requirement?

A. Update the parameter group in use by the DB instance, and set the require_secure_transport parameter to ON.

B. Connect to the database, and use ALTER USER to enable the REQUIRE SSL option on the database user.

C. Update the security group in use by the DB instance, and remove port 80 to prevent unencrypted connections from being established.

D. Update the DB instance, and enable the Require Transport Layer Security option.








 

Suggested Answer: A

Community Answer: A

You can set the require_secure_transport parameter to ON to require SSL/TLS for connections to your DB cluster.
Reference:
https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Security.html

 This question is in DBS-C01 AWS Certified Database – Specialty Exam
For getting AWS Certified Database – Specialty Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Amazon.
Trademarks, certification & product names are used for reference only and belong to Amazon.
The website does not contain actual questions and answers from Amazon's Certification Exam.