AWS Cloud Practitioner CLF-C02 Practice Question
A company wants to ensure the data stored in their Amazon S3 buckets is protected. What is the BEST method to automatically protect data at rest within an Amazon S3 bucket?
Implement Client-Side Encryption for data before uploading to Amazon S3
Use AWS Key Management Service Managed Keys (SSE-KMS) for both encryption and decryption
Configure an Amazon S3 bucket policy to enforce encryption on upload
Enable Amazon S3 Server-Side Encryption with Amazon S3-Managed Keys (SSE-S3)