ExpertEasy1 markMultiple Choice
AWS SAA-C03 · Question 20 · Domain 1.3: Data Security
A developer is creating a new Amazon DynamoDB table and needs to ensure that all data is encrypted at rest. <br/><br/>What action must the developer take to enable encryption at rest for the DynamoDB table?
A developer is creating a new Amazon DynamoDB table and needs to ensure that all data is encrypted at rest. <br/><br/>What action must the developer take to enable encryption at rest for the DynamoDB table?
Answer options:
A.
Enable encryption in the table settings during creation.
B.
No action is required; DynamoDB encrypts all data at rest by default.
C.
Use the DynamoDB Encryption Client in the application code.
D.
Attach an IAM policy to the table enforcing the sse:Encrypt action.
How to approach this question
Know which AWS services have encryption enabled by default.
Full Answer
B.No action is required; DynamoDB encrypts all data at rest by default.✓ Correct
No action is required; DynamoDB encrypts all data at rest by default.
Amazon DynamoDB encrypts all user data at rest by default. You cannot turn it off. You can only choose which KMS key is used (AWS owned key, AWS managed key, or customer managed key).
Common mistakes
Thinking encryption must be manually enabled for DynamoDB.
Practice the full AWS SAA-C03 Practice Exam 6
65 questions · hints · full answers · grading
More questions from this exam
Q01A company has multiple AWS accounts in an AWS Organizations organization. The security team wants...MediumQ02A company has two AWS accounts: Account A for development and Account B for production. Developer...MediumQ03A mobile application needs to authenticate users using their social media accounts (Facebook, Goo...EasyQ04A company is running an application on Amazon EC2 instances. The application needs to connect to ...MediumQ05A company has 50 AWS accounts managed by AWS Organizations. The IT team wants to implement a cent...Easy