Architecting on AWS 学习笔记系列文章导航页面
44.A company is using a Redshift cluster to store their data warehouse.
There is a requirement from the Internal IT Security team to encrypt data for the Redshift database. How can this be achieved?
A. Encrypt the EBS volumes of the underlying EC2 Instances.
B. Use AWS KMS Customer Default master key
C. Use SSL/TLS for encrypting the data.
D. Use S3 Encryption.
Note:
Amazon Redshift uses a hierarchy of encryption keys to encrypt the database. You can use either AWS Key Management Service (AWS KMS) or a hardware security module (HSM) to manage the top-level encryption keys in this hierarchy. The process that Amazon Redshift uses for encryption differs depending on how you manage keys. For more information on Redshift encryption, please visit the f ollowing URL: (https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-db-encryption.html)
45.There is a requirement for block-level storage to store 500GB of data. Data Encryption is also required. Which of the following can be used in such a case?
A. AWS EBS Volumes
B. AWS S3 (Object-level)
C. AWS Glacier (Object-level)
D. AWS EFS (Linux File-level)
Note:
AWS EBS is a Block-level storage service. For more information on EBS Volumes, please visit the following URL: (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumes.html)
46.An application requires an EC2 Instance for continuous batch processing activities requiring a maximum data throughput of 500MiB/s.
Which of the following is the best storage option for this?
A. EBS IOPS
B. EBS SSD
*C. EBS Throughput Optimized
D. EBS Cold Storage