AWS SAP-C02 · Question 12 · Domain 1.2: Security Controls
An enterprise is migrating its on-premises data lake to Amazon S3. They have 5 PB of data. The data must be encrypted at rest using keys managed by the enterprise's on-premises Hardware Security Module (HSM). The migration must be completed within 30 days, and their internet connection is 1 Gbps, heavily utilized by other workloads. Which combination of steps should the architect take? (Select THREE)
Answer options:
Use AWS DataSync over the existing internet connection.
Order multiple AWS Snowball Edge Storage Optimized devices.
Use AWS KMS with imported key material from the on-premises HSM.
Configure AWS KMS to use a Custom Key Store backed by AWS CloudHSM.
Establish a Site-to-Site VPN to synchronize the on-premises HSM with AWS CloudHSM.
Use AWS Storage Gateway Volume Gateway.
Order an AWS Snowmobile.
75 questions · hints · full answers · grading
Expert