A banking company is currently using an Amazon Redshift cluster with dense storage (DS) nodes to store sensitive data. An audit found that the cluster is unencrypted. Compliance requirements state that a database with sensitive data must be encrypted through a hardware security module (HSM) with automated key rotation. Which combination of steps is required to achieve compliance? (Choose two.)
A) Set up a trusted connection with HSM using a client and server certificate with automatic key rotation.
B) Modify the cluster with an HSM encryption option and automatic key rotation.
C) Create a new HSM-encrypted Amazon Redshift cluster and migrate the data to the new cluster.
D) Enable HSM with key rotation through the AWS CLI.
E) Enable Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) encryption in the HSM.

Question

Quizplus · Accepted Answer

The Answer of A banking company is currently using an Amazon Redshift cluster with dense storage (DS) nodes to store sensitive data. An audit found that the cluster is unencrypted. Compliance requirements state that a database with sensitive data must be encrypted through a hardware security module (HSM) with automated key rotation. Which combination of steps is required to achieve compliance? (Choose two.)
A) Set up a trusted connection with HSM using a client and server certificate with automatic key rotation.
B) Modify the cluster with an HSM encryption option and automatic key rotation.
C) Create a new HSM-encrypted Amazon Redshift cluster and migrate the data to the new cluster.
D) Enable HSM with key rotation through the AWS CLI.
E) Enable Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) encryption in the HSM.

A Banking Company Is Currently Using an Amazon Redshift Cluster