ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Data Engineer - Associate DEA-C01 All Questions

View all questions & answers for the AWS Certified Data Engineer - Associate DEA-C01 exam
Go to Exam

Exam AWS Certified Data Engineer - Associate DEA-C01 topic 1 question 181 discussion

Exam question from Amazon's AWS Certified Data Engineer - Associate DEA-C01
Question #: 181
Topic #: 1
[All AWS Certified Data Engineer - Associate DEA-C01 Questions]

A data engineer is launching an Amazon EMR cluster. The data that the data engineer needs to load into the new cluster is currently in an Amazon S3 bucket. The data engineer needs to ensure that data is encrypted both at rest and in transit.

The data that is in the S3 bucket is encrypted by an AWS Key Management Service (AWS KMS) key. The data engineer has an Amazon S3 path that has a Privacy Enhanced Mail (PEM) file.

Which solution will meet these requirements?

  • A. Create an Amazon EMR security configuration. Specify the appropriate AWS KMS key for at-rest encryption for the S3 bucket. Create a second security configuration. Specify the Amazon S3 path of the PEM file for in-transit encryption. Create the EMR cluster, and attach both security configurations to the cluster.
  • B. Create an Amazon EMR security configuration. Specify the appropriate AWS KMS key for local disk encryption for the S3 bucket. Specify the Amazon S3 path of the PEM file for in-transit encryption. Use the security configuration during EMR cluster creation.
  • C. Create an Amazon EMR security configuration. Specify the appropriate AWS KMS key for at-rest encryption for the S3 bucket. Specify the Amazon S3 path of the PEM file for in-transit encryption. Use the security configuration during EMR cluster creation.
  • D. Create an Amazon EMR security configuration. Specify the appropriate AWS KMS key for at-rest encryption for the S3 bucket. Specify the Amazon S3 path of the PEM file for in-transit encryption. Create the EMR cluster, and attach the security configuration to the cluster.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by emupsx1 at Nov. 25, 2024, 7:43 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
AWSMM
2 days, 2 hours ago
Selected Answer: D
D correctly identifies the need for a single EMR security configuration that encompasses both at-rest (using the KMS key related to your S3 data) and in-transit (using the PEM file path) encryption settings. Attaching this single configuration to the cluster during creation is the standard and most efficient way to apply these security measures.
upvoted 1 times
...
italiancloud2025
2 months ago
Selected Answer: D
D: Sí, porque crea una única configuración de seguridad que especifica encriptación en reposo (con KMS) y en tránsito (usando el archivo PEM), y se adjunta al clúster durante su creación.
upvoted 1 times
...
emupsx1
5 months ago
Selected Answer: C
https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-specify-security-configuration.html
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago