Home » Amazon » AWS DevOps Engineer Professional v.2 » Which of these is a violation of this policy?
You are creating an application which stores extremely sensitive financial information. All information in the system must be encrypted at rest and in transit.
Which of these is a violation of this policy?
A. ELB SSL termination.
B. ELB Using Proxy Protocol v1.
C. CloudFront Viewer Protocol Policy set to HTTPS redirection.
D. Telling S3 to use AES256 on the server-side.
Correct Answer: A
Explanation/Reference:
Explanation:
Terminating SSL terminates the security of a connection over HTTP, removing the S for “Secure” in HTTPS. This violatesthe “encryption in transit” requirementin the scenario.
Reference: http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-listener-config.htm