Encryption Flashcards
A development team wants to ensure that all objects uploaded to an Amazon S3 bucket are encrypted.
Do you check whether the x-amz-server-side-encryption header is set?
Do you check whether the s3:x-amz-acl header is set?
Do you check whether the aws:SecureTransport header is set?
Deny if the x-amz-server-side-encryption header does not exist.
Access control lists (ACLs) have nothing to do with encryption.
Deny if the aws:SecureTransport header is set to False.
A financial services company stores confidential data on an Amazon Simple Storage Service (S3) bucket. The compliance guidelines require that files be stored with server-side encryption. The encryption used must be Advanced Encryption Standard (AES-256) and the company does not want to manage the encryption keys.
Which of the following options represents the most cost-optimal solution for the given use case?
SSE-KMS or SSE-S3?