An organization wants to move to Cloud. They are looking for a secure encrypted database storage option.
Which of the below mentioned AWS functionalities helps them to achieve this?
A.
AWS MFA with EBS
B.
AWS EBS encryption
C.
Multi-tier encryption with Redshift
D.
AWS S3 server side storage
Explanation:
AWS EBS supports encryption of the volume while creating new volumes. It also supports creating volumes
from existing snapshots provided the snapshots are created from encrypted volumes. The data at rest, the I/O
as well as all the snapshots of EBS will be encrypted. The encryption occurs on the servers that host the EC2
instances, providing encryption of data as it moves between the EC2 instances and EBS storage. EBS encryption
is based on the AES-256 cryptographic algorithm, which is the industry standard
B.
AWS EBS encryption
C is correct.
http://docs.aws.amazon.com/redshift/latest/mgmt/working-with-db-encryption.html
“About Database Encryption for Amazon Redshift Using AWS KMS
When you choose AWS KMS for key management with Amazon Redshift, there is a four-tier hierarchy of encryption keys. “
^Redshift is a datawarehouse DB and only a subset of a generic database
So answer here is B
b
after A
before C
b
B
B
“secure encrypted database storage option” had a keyword database make me confused, so B or C is the right answer, i think it’s B because encryption of Redshift based on KMS and Redshift is data-warehouse.