A company is storing data on Amazon Simple Storage Service (S3). The company’s security
policy mandates that data is encrypted at rest. Which of the following methods can achieve this?
Choose 3 answers
A.
Use Amazon S3 server-side encryption with AWS Key Management Service managed keys.
B.
Use Amazon S3 server-side encryption with customer-provided keys.
C.
Use Amazon S3 server-side encryption with EC2 key pair.
D.
Use Amazon S3 bucket policies to restrict access to the data at rest.
E.
Encrypt the data on the client-side before ingesting to Amazon S3 using their own master key.
F.
Use SSL to encrypt the data while in transit to Amazon S3.
ABE
Ref – https://aws.amazon.com/blogs/aws/new-amazon-s3-server-side-encryption/