AWS Certified Cloud Practitioner — Question 706
Which combination of AWS services or features can a company use to encrypt data in transit and data at rest? (Choose two.)
Answer options
- A. AWS Lambda
- B. AWS Key Management Service (AWS KMS)
- C. Amazon CloudWatch metrics
- D. AWS Certificate Manager (ACM)
- E. AWS Systems Manager
Correct answer: B, D
Explanation
AWS Key Management Service (AWS KMS) allows users to easily generate and control the encryption keys used to protect data at rest. AWS Certificate Manager (ACM) is used to provision, manage, and deploy SSL/TLS certificates to secure data in transit. AWS Lambda, Amazon CloudWatch, and AWS Systems Manager are not primary services designed for managing cryptographic keys or SSL/TLS certificates.