An organization has a system in AWS that allows a large number of remote workers to submit data files. File sizes vary from a few kilobytes to several megabytes.
A recent audit highlighted a concern that data files are not encrypted while in transit over untrusted networks.
Which solution would remediate the audit finding while minimizing the effort required?

A. Upload an SSL certificate to IAM, and configure Amazon CloudFront with the passphrase for the private key.

B. Call KMS.Encrypt() in the client, passing in the data file contents, and call KMS.Decrypt() server-side.

C. Use AWS Certificate Manager to provision a certificate on an Elastic Load Balancing in front of the web service's servers.

D. Create a new VPC with an Amazon VPC VPN endpoint, and update the web service's DNS record.








 

Suggested Answer: C

Community Answer: C




This question is in SCS-C01 AWS Certified Security – Specialty Exam
For getting AWS Certified Security – Specialty Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Amazon.
Trademarks, certification & product names are used for reference only and belong to Amazon.
The website does not contain actual questions and answers from Amazon's Certification Exam.