ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
An insurance company must automate nightly transfers of sensitive patient data from its on-premises servers to Amazon S3. Compliance requires encryption in transit, individual key-based user authentication, and no changes to existing bash scripts that currently invoke the sftp command. Which AWS solution best satisfies these requirements while minimizing operational overhead?
Launch a Linux EC2 instance running vsftpd configured for FTPS, store uploads on attached EBS volumes, and synchronize them to S3 with a scheduled script.
Schedule nightly AWS Snowball Edge jobs to collect the files on-site and deliver them to S3 after physical shipment to AWS.
Provision an Amazon FSx for Windows File Server share, mount it over a Site-to-Site VPN using SMB, and copy the files to the share each night.
Create an AWS Transfer Family server that exposes an SFTP endpoint mapped to the target S3 bucket and configure SSH key-based user accounts.
AWS Transfer Family can expose a managed Secure File Transfer Protocol (SFTP) endpoint that maps directly to an S3 bucket. Because SFTP runs over SSH, all data is encrypted in transit and users authenticate with SSH key pairs, meeting the compliance mandate. Existing scripts that already use the standard sftp client continue working unchanged, and AWS handles server availability, scaling, and patching-so operational overhead is minimal.
Running an EC2 instance with vsftpd over FTPS would meet encryption needs but requires you to provision, secure, monitor, and patch the server, and scripts would have to switch from sftp to ftps. Ordering AWS Snowball Edge devices nightly is manual, incurs delay, and does not satisfy the requirement for routine automated transfers over the network. Using Amazon FSx with SMB over a VPN demands Windows file-sharing tools or mounts, so existing sftp-based workflows must be rewritten and you would still manage VPN and file-server scaling. Therefore, the AWS Transfer Family SFTP option is the most suitable choice.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is AWS Transfer Family and how does it work?
Open an interactive chat with Bash
How does encryption in transit work in SFTP within AWS Transfer Family?
Open an interactive chat with Bash
Why is SSH key-based authentication better for compliance compared to other methods?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Cryptography
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .