This certification preparation material would help you in getting the jobs in the AWS Fields

AWS Developer Certification : Associate Level AWS Sysops Administrator Certification : Assciate Level AWS Solution Architect Certification : Associate Level AWS Soltion Architect : Professional Level AWS Certified Security Specialty (SCS-C01) AWS Professional certification Exam AWS Certified Big Data – Specialty (BDS-C00) AWS Certified Machine Learning MLS C01 Certification Prepration Materal AWS Solution Architect : Training Associate AWS Advanced Networking Certifications AWS Exam Prepare : Kinesis Data Stream Book : AWS Solution Architect Associate : Little Guide AWS Security Specialization Certification: Little Guide SCS-C01 AWS Package Deal

While applying to the Job you need to mention referred by : | or Website :


Question 29: You are working with an application which needs to store data on EBS volume as well as all the encryption and decryption of the data can be in-built. Any encryption keys you are using for the data should be highly protected. Which of the following AWS solution will be ideal for given requirement?

  1. You will be using AWS Security Manager
  2. You will be installing SSL/TLS certificate on EC2 instance.
  3. Correct Answer
  4. You will be using AWS CloudTrail solution

Correct Answer : C

Detailed Explanation

: In the given question we wanted that all the data read and write on EBS volume should be encrypted. And better solution for which very well integrated for given requirement is AWS KMS (Key management solution). AWS KMS is a managed solution from A................................. is highly protected because they will never leave KMS, they are protected using Hardware Security Manager (HSM).

And KMS is well integrated with the AWS EC2 and EBS volume. If yo..............................the data you are storing in EBS. Hence, option 3 is correct.

Now lets look for other options

Option 1: AWS security manager provides encryption but this is not an ideal solution for EBS volume encryption. Security Manager is good for encryption credentials like Database connection string, Username and password etc, which you can retrieve dynamically and rather than storing them in the code. It is a good practice to use it, but can not be used for EBS encryption. Even AWS Security Manager uses KMS for encrypting credentials.

Option 2: SSL certificates are good for both c............................