Security Management

5 minutes 5 Questions

AWS CloudTrail is an essential tool for creating a foundation of security and visibility within an AWS environment, allowing you to continuously monitor and manage the overall security posture of your resources. It simplifies your compliance auditing by providing an audit trail of all user activity…

Test mode:

Exam (Timed)

Practice (With explanations)

Start practice test

Question 1

You need to encrypt an RDS database at rest in a Multi-AZ configuration. What encryption method should you choose?

AWS CloudHSM AWS KMS Client-side encryption Amazon S3 SSE

Correct Answer: AWS KMS

AWS Key Management Service (KMS) is the best encryption method for RDS databases at rest in a Multi-AZ configuration. It is a scalable, managed service that integrates directly with RDS and can be used for both encryption and decryption operations.

Question 2

Your company is deploying an application on AWS, and you need to implement strict security requirements, including controlled access by IAM users, audit trails, and encryption KeyVault. What AWS services should you use?

AWS IAM, CloudFront, and KMS AWS IAM, CloudTrail, and S3 AWS IAM, CloudTrail, and KMS AWS Cognito, CloudWatch, and KeyVault

Correct Answer: AWS IAM, CloudTrail, and KMS

AWS Identity and Access Management (IAM) allows you to manage access to AWS services and resources securely, while AWS CloudTrail provides visibility into user activity by recording actions taken on your account. AWS Key Management Service (KMS) is a managed service that makes it easy for you to create and control the cryptographic keys used to encrypt your data.

Question 3

You need to set up a VPC to host an Amazon RDS database and an EC2 web server. Your company requires that communication between the instances must be encrypted. How do you achieve this?

Use an Elastic IP address Encrypt traffic using TLS Enable EBS encryption on the RDS instance Use a VPC peering connection

Correct Answer: Encrypt traffic using TLS

By using Transport Layer Security (TLS), you can ensure the secure communication between the EC2 web server and the Amazon RDS database instance by encrypting the data during transit.

🎓 Unlock Premium Access

AWS Certified Solutions Architect - Associate + ALL Certifications

Security Management

Security Management with AWS CloudTrail: A Comprehensive Guide

AWS Certified Solutions Architect - Security Management Example Questions

Question 1

Question 2

Question 3

🎓 Unlock Premium Access