A financial company will store highly sensitive data in an Amazon S3 bucket and must ensure the data is encrypted in transit and at rest. The company must manage the encryption keys outside the AWS Cloud. Which solution meets these requirements?
Choose an answer
Tap an option to check your answer.
Correct answer: Encrypt the data at the company's data center before storing the data in the S3 bucket..
Why this is the answer
The correct solution is to encrypt the data at the company's data center before storing it in the S3 bucket. This approach, known as client-side encryption, ensures that the encryption keys are managed entirely outside the AWS Cloud, meeting the strict requirement for external key management. The data is encrypted before it ever
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed