اختبار شهادة AWS Solutions Architect Associate

السؤال 371 من 539

كل الأسئلة

تنبيه مهم

هذه الصفحة مخصصة للأرشفة وظهور السؤال في نتائج البحث فقط، وليست التجربة الفعلية للاختبار.

A company needs to create an Amazon Elastic Kubernetes Service (Amazon EKS) cluster to host a digital media streaming application. The EKS cluster will use a managed node group that is backed by Amazon Elastic Block Store (Amazon EBS) volumes for storage. The company must encrypt all data at rest by using a customer managed key that is stored in AWS Key Management Service (AWS KMS). Which combination of actions will meet this requirement with the LEAST operational overhead? (Choose two.)

A Use a Kubernetes plugin that uses the customer managed key to perform data encryption.
B After creation of the EKS cluster, locate the EBS volumes. Enable encryption by using the customer managed key.
C Enable EBS encryption by default in the AWS Region where the EKS cluster will be created. Select the customer managed key as the default key.
D Create the EKS cluster. Create an IAM role that has a policy that grants permission to the customer managed key. Associate the role with the EKS cluster.
E Store the customer managed key as a Kubernetes secret in the EKS cluster. Use the customer managed key to encrypt the EBS volumes.

السؤال السابق

السؤال التالي

لا توجد نقاشات منشورة لهذا السؤال حالياً.