Question 60: You have created a Hadoop cluster with 30 nodes using AWS EMR. There is now a requirement that all data in this cluster must be encrypted while in transit. Which of the following options will you use for that?

A. You will enable server side encryption

B. You will enable client side encryption

C. In MapReduce, you will use encrypted shuffle.

D. Data Encryption on HDFS block data transfer

1. A,B

2. B,C

3. C,D

4. A,D

5. B,D

Correct Answer : 3 Exp : When using Hadoop with AWS EMR, you can encrypt data in transit as well as at rest. You can use in-transit encryption, at-rest encryption, or both.

Several encryption mechanisms are enabled with in-transit encryption. These are open-source features, are application-specific, and may vary by Amazon EMR release. The following application-specific encryption features can be enabled using security configurations:

Hadoop:

- Hadoop MapReduce Encrypted Shuffle uses TLS.

- Secure Hadoop RPC is set to "Privacy" and uses SASL (activated in Amazon EMR when at-rest encryption is enabled).

- Data encryption on HDFS block data transfer uses AES 256 (activated in Amazon EMR when at-rest encryption is enabled in the security configuration).

HBase:

- When Kerberos is enabled, the hbase.rpc.protection property is set to privacy for encrypted communication.

Presto:

- Internal communication between Presto nodes uses SSL/TLS (Amazon EMR version 5.6.0 and later only).

Tez:

- Tez Shuffle Handler uses TLS (tez.runtime.ssl.enable).

Spark:

- Internal RPC communication between Spark components (for example, the block transfer service and the external shuffle service) is encrypted using the AES-256 cipher in Amazon EMR release version 5.9.0 and later. In earlier releases, internal RPC communication is encrypted using SASL with DIGEST-MD5 as the cipher.

- HTTP protocol communication with user interfaces such as Spark History Server and HTTPS-enabled file servers is encrypted using Spark's SSL configuration.
