ExpertAWS SAP-C02 · Question 12 · Domain 1.2: Security Controls
An enterprise is migrating its on-premises data lake to Amazon S3. They have 5 PB of data. The data must be encrypted at rest using keys managed by the enterprise's on-premises Hardware Security Module (HSM). The migration must be completed within 30 days, and their internet connection is 1 Gbps, heavily utilized by other workloads. Which combination of steps should the architect take? (Select THREE)
An enterprise is migrating its on-premises data lake to Amazon S3. They have 5 PB of data. The data must be encrypted at rest using keys managed by the enterprise's on-premises Hardware Security Module (HSM). The migration must be completed within 30 days, and their internet connection is 1 Gbps, heavily utilized by other workloads. Which combination of steps should the architect take? (Select THREE)
Answer options:
Use AWS DataSync over the existing internet connection.
Order multiple AWS Snowball Edge Storage Optimized devices.
Use AWS KMS with imported key material from the on-premises HSM.
Configure AWS KMS to use a Custom Key Store backed by AWS CloudHSM.
Establish a Site-to-Site VPN to synchronize the on-premises HSM with AWS CloudHSM.
Use AWS Storage Gateway Volume Gateway.
Order an AWS Snowmobile.
How to approach this question
Full Answer
Common mistakes
Practice the full AWS Solutions Architect Professional SAP-C02 Practice Exam 4
75 questions · hints · full answers · grading