ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified SAP on AWS - Specialty PAS-C01 All Questions

View all questions & answers for the AWS Certified SAP on AWS - Specialty PAS-C01 exam
Go to Exam

Exam AWS Certified SAP on AWS - Specialty PAS-C01 topic 1 question 4 discussion

Exam question from Amazon's AWS Certified SAP on AWS - Specialty PAS-C01
Question #: 4
Topic #: 1
[All AWS Certified SAP on AWS - Specialty PAS-C01 Questions]

A company is implementing SAP HANA on AWS. According to the company’s security policy, SAP backups must be encrypted. Only authorized team members can have the ability to decrypt the SAP backups.
What is the MOST operationally efficient solution that meets these requirements?

  • A. Configure AWS Backint Agent for SAP HANA to create SAP backups in an Amazon S3 bucket. After a backup is created, encrypt the backup by using client-side encryption. Share the encryption key with authorized team members only.
  • B. Configure AWS Backint Agent for SAP HANA to use AWS Key Management Service (AWS KMS) for SAP backups. Create a key policy to grant decryption permission to authorized team members only.
  • C. Configure AWS Storage Gateway to transfer SAP backups from a file system to an Amazon S3 bucket. Use an S3 bucket policy to grant decryption permission to authorized team members only.
  • D. Configure AWS Backint Agent for SAP HANA to use AWS Key Management Service (AWS KMS) for SAP backups. Grant object ACL decryption permission to authorized team members only.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by sagsgg at Jan. 25, 2023, 5:38 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
schalke04
Highly Voted 2 years, 5 months ago
Selected Answer: B
The MOST operationally efficient solution that meets the requirements is option B: Configure AWS Backint Agent for SAP HANA to use AWS Key Management Service (AWS KMS) for SAP backups. Create a key policy to grant decryption permission to authorized team members only. AWS KMS is a managed service that makes it easy to create and control encryption keys used to encrypt your data. By using AWS KMS to encrypt the backups, the encryption and decryption of the data is handled by AWS, freeing up the company's resources. Additionally, the key policy ensures that only authorized team members can decrypt the backups, thereby meeting the security requirements.
upvoted 9 times
...
Hyperdanny
Highly Voted 2 years, 5 months ago
B, since it is the most efficient option. A would work too, but requires more effort.
upvoted 5 times
...
ggrodskiy
Most Recent 1 year, 11 months ago
Correct B. AWS Backint Agent for SAP HANA to use AWS Key Management Service (AWS KMS) for SAP backups. AWS Backint Agent for SAP HANA is a tool that integrates SAP HANA with Amazon S3 and enables you to create and manage SAP HANA backups in Amazon S3https://docs.aws.amazon.com/sap/latest/sap-hana/aws-backint-agent-Amazon-S3.html. AWS KMS is a service that allows you to create and manage encryption keys and use them to encrypt and decrypt data in AWS services and in your applicationshttps://docs.aws.amazon.com/aws-backup/latest/devguide/encryption.html. By using AWS Backint Agent for SAP HANA with AWS KMS, you can encrypt your SAP backups with a customer master key (CMK) that you control and specify in the AWS Backup vault that stores your backupshttps://docs.aws.amazon.com/sap/latest/sap-hana/aws-backint-agent-Amazon-S3.html. You can also create a key policy to grant decryption permission to authorized team members only, which will ensure that only they can access and restore the encrypted backupshttps://docs.aws.amazon.com/aws-backup/latest/devguide/encryption.html.
upvoted 1 times
...
kk8s
2 years, 5 months ago
A https://aws.amazon.com/blogs/apn/managing-sap-hana-database-backups-on-aws-with-syntax-cxlink-backup/
upvoted 1 times
...
SMALLAM
2 years, 5 months ago
I also think it’s B
upvoted 4 times
...
sagsgg
2 years, 5 months ago
Selected Answer: B
I think B
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel