AWS Certified SysOps Administrator – Associate (legacy) — Question 808

In a hardware security module (HSM), what is the function of a Transparent Data Encryption (TDE)?

Answer options

• A. To reduce the risk of confidential data theft
• B. To decrease latency
• C. To store SSL certificates
• D. To provide backup

Correct answer: A

Explanation

Transparent Data Encryption (TDE) protects data at rest by encrypting database files, which directly mitigates the risk of confidential data theft if the storage media is compromised. While the hardware security module (HSM) securely hosts the encryption keys used by TDE, TDE itself does not decrease latency, store SSL certificates, or provide backup functionality.