Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C03 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C03 exam
Go to Exam

Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 743 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Associate SAA-C03
Question #: 743
Topic #: 1
[All AWS Certified Solutions Architect - Associate SAA-C03 Questions]

To meet security requirements, a company needs to encrypt all of its application data in transit while communicating with an Amazon RDS MySQL DB instance. A recent security audit revealed that encryption at rest is enabled using AWS Key Management Service (AWS KMS), but data in transit is not enabled.

What should a solutions architect do to satisfy the security requirements?

  • A. Enable IAM database authentication on the database.
  • B. Provide self-signed certificates. Use the certificates in all connections to the RDS instance.
  • C. Take a snapshot of the RDS instance. Restore the snapshot to a new instance with encryption enabled.
  • D. Download AWS-provided root certificates. Provide the certificates in all connections to the RDS instance.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Andy_09 at Feb. 5, 2024, 9:02 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
BillaRanga
Highly Voted 8 months ago
Selected Answer: D
Amazon RDS creates an SSL certificate and installs the certificate on the DB instance when the instance is provisioned. So it is AWS provided.
upvoted 11 times
...
Scheldon
Most Recent 3 months, 3 weeks ago
Selected Answer: D
AnswerD
upvoted 1 times
...
DAIYL
5 months, 1 week ago
Selected Answer: D
Even if IAM database authentication is enabled, clients still need to download and configure the AWS-provided root certificate to ensure a secure connection using SSL/TLS encryption. Without configuring the certificate, communication may not be fully encrypted, even with IAM authentication enabled. https://docs.aws.amazon.com/zh_cn/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html
upvoted 3 times
Nm55569
4 months, 2 weeks ago
That's not in any of the answers - "Provide the certificates in all connections to the RDS instance." this doesn't make sense with option D - it's not saying configure to trust the CA. Answer can only be option A. Your link includes this "Optionally, your SSL/TLS connection can perform server identity verification by validating the server certificate installed on your database.". This you don't actually need to trust the using CA and can configure the app that way - the traffic is still encrypted though.
upvoted 2 times
...
...
Kezuko
7 months ago
Selected Answer: A
A https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html
upvoted 4 times
...
Sivaeas
7 months, 1 week ago
Optiona A: IAM database authentication provides the following benefits: Network traffic to and from the database is encrypted using Secure Socket Layer (SSL) or Transport Layer Security (TLS). For more information about using SSL/TLS with Amazon RDS, see Using SSL/TLS to encrypt a connection to a DB instance or cluster.
upvoted 4 times
...
Andy_09
8 months, 1 week ago
Option D
upvoted 4 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel