Kafka - Kubernetes and Cloud Deployment
You want to configure an Amazon MSK cluster to encrypt data both at rest and in transit. Which combination of settings should you enable?
You want to configure an Amazon MSK cluster to encrypt data both at rest and in transit. Which combination of settings should you enable?
hard📝 Application Q8 of 15
Step-by-Step Solution
Solution:
Step 1: Understand encryption at rest and in transit
Encryption at rest protects stored data (using AWS KMS), encryption in transit protects data moving over network (using TLS/SSL).Step 2: Match settings to encryption goals
Enable AWS KMS encryption for storage and TLS for client connections enables both AWS KMS for storage encryption and TLS for network encryption, fulfilling both requirements.Final Answer:
Enable AWS KMS encryption for storage and TLS for client connections -> Option AQuick Check:
At rest + in transit encryption = KMS + TLS [OK]
Quick Trick: Use KMS for storage and TLS for network encryption [OK]
Common Mistakes:
MISTAKES- Confusing SSL with storage encryption
- Enabling only one encryption type
- Thinking client-side encryption covers all
Master "Kubernetes and Cloud Deployment" in Kafka
Want More Practice?
15+ quiz questions · All difficulty levels · Free
Free Signup - Practice All QuestionsMore Kafka Quizzes