AWS Certified Solutions Architect Associate SAA-C03 Practice Question
A company is building an online platform on a popular cloud provider and must ensure end-to-end encryption of its web traffic. Which service should be deployed to manage the lifecycle of SSL/TLS certificates for secure HTTPS connections, including automatic renewals, without significant manual intervention?
You selected this option
An identity and user authentication service with external federation capabilities
You selected this option
A key management service that specializes in creating and controlling encryption keys
You selected this option
Manually generated self-signed certificates stored on a secure object storage service
You selected this option
The cloud provider's certificate management service
The correct service to use for automating the issuance and renewal of SSL/TLS certificates for secure HTTPS communication is the cloud provider's certificate management service. It provides a simple way to provision and manage these certificates natively within the ecosystem of hosted applications and services. Answer choices that suggest self-signed certificates, encryption key management service, or identity management service are incorrect, as they do not inherently provide a managed process for handling SSL/TLS certificates lifecycle or they serve different purposes, such as managing encryption keys for data at rest or providing user authentication and federation.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are SSL and TLS, and why are they important?
Open an interactive chat with Bash
What does end-to-end encryption mean?
Open an interactive chat with Bash
What is a cloud provider's certificate management service?