A company hosts a web-based application that captures and stores sensitive data in an Amazon DynamoDB table. A security audit reveals that the application does not provide end-to-end data protection or the ability to detect unauthorized data changes. The software engineering team needs to make changes that will address the audit findings. Which set of steps should the software engineering team take?

Topic #: - All AWS Certified Security - Specialty Questions

A. Use an AWS Key Management Service (AWS CMK) CMK. Encrypt the data at rest.
B. Use AWS Certificate Manager (ACM) Private Certificate Authority. Encrypt the data in transit.
C. Use a DynamoDB encryption client. Use client-side encryption and sign the table items.
D. Use the AWS Encryption SDK. Use client-side encryption and sign the table items.

- Awsexamhub website is not related to, affiliated with, endorsed or authorized by Amazon.
- Trademarks, certification & product names are used for reference only and belong to Amazon.

Suggested Answer:

Reference Material:

Suggested Answer:

Reference Material:

Share this post

Join the Discussion