Q: 14
A medical company wants to perform transformations on a large amount of clinical trial data that
comes from several customers. The company must extract the data from a relational
databasethatcontains the customer dat
a. Then the company will transform the data by using a series of complex rules. The company will
load the data to Amazon S3 when the transformations are complete.
All data must be encrypted where it is processed before the company stores the data in Amazon S3.
All data must be encrypted by using customer-specific keys.
Which solution will meet these requirements with the LEAST amount of operational effort?
Options
Discussion
C . Seen similar questions in official practice tests and AWS doc references, always points to Glue + client-side KMS for customer keys when minimal ops overhead is key. Worth reviewing the AWS exam guide on encryption if you want to be sure though. Agree?
C. not D. EMR clusters are way more work to manage and server-side encryption (like SSE-KMS) doesn't guarantee data is encrypted before landing in S3. Glue with client-side KMS checks all requirements, pretty sure. Disagree?
Its C, not totally sure but client-side encryption w/ KMS for customer keys sounds right here. Can someone double-check?
Its C. Client-side encryption with KMS lets you handle customer-specific keys with Glue and keeps things low effort operationally.
Be respectful. No spam.
