Chapter 5.8 - Encrypting S3 Objects Flashcards

1
Q

What are the 3 types of encryption used in S3?

A

**Encryption in Transit**
SSL / TLS - Secure Sockets Layer / Transport Layer Security
HTTPS - Hypertext Transfer Protocol Secure

**Encryption at Rest: Server-Side Encryption**
SSE-S3: S3-managed keys, using AES 256-bit encryption
SSE-KMS: AWS Key Management Service-managed keys
SSE-C: Customer-provided keys

**Encryption at Rest: Client-Side Encryption**
You encrypt the files yourself before you upload them to S3

2
Q

How is server-side encryption enforced in AWS S3?

A

**Console**
Select the encryption setting on your S3 bucket.
The easiest way. Checkbox in the console.

**Bucket Policy**
Enforce using a bucket policy.
The policy can deny any S3 PUT request that doesn’t include encrypted objects / the encryption parameter in the PUT request header.
