Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Amazon Exam BDS-C00 Topic 3 Question 92 Discussion

Actual exam question for Amazon's BDS-C00 exam
Question #: 92
Topic #: 3
[All BDS-C00 Questions]

An organization needs to store sensitive information on Amazon S3 and process it through Amazon EMR. Data must be encrypted on Amazon S3 and Amazon EMR at rest and in transit. Using Thrift Server, the Data Analysis team users HIVE to interact with this data. The organization would like to grant access to only specific databases and tables, giving permission only to the SELECT statement.

Which solution will protect the data and limit user access to the SELECT statement on a specific portion of data?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Mendy at May 09, 2024, 08:38 AM

Limited Time Offer

25%

Off

Get Premium BDS-C00 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Mari
1 months ago
I bet the exam writer is like, 'Let's see if they can spot the most secure and efficient solution!' Gotta love these tricky certification questions.
upvoted 0 times
Pansy
1 days ago
D) Configure Security Group on Amazon EMR. Create an Amazon VPC endpoint for Amazon S3. Configure HiveServer2 to use Kerberos authentication on the cluster.
upvoted 0 times
...
Simona
5 days ago
C) Use AWS KMS for encryption of data. Configure and attach multiple roles with different permissions based on the different user needs.
upvoted 0 times
...
Kimberely
19 days ago
B) Configure data encryption at rest for EMR File System (EMRFS) on Amazon S3. Configure data encryption in transit for traffic between Amazon S3 and EMRFS. Configure storage and SQL base authorization on HiveServer2.
upvoted 0 times
...
...
Lenna
2 months ago
Option A seems a bit overkill. Why bring in Apache Ranger when we can handle the encryption and authorization with the built-in EMR and Hive features?
upvoted 0 times
Alba
1 months ago
D) Configure Security Group on Amazon EMR. Create an Amazon VPC endpoint for Amazon S3. Configure HiveServer2 to use Kerberos authentication on the cluster.
upvoted 0 times
...
Anthony
1 months ago
C) Use AWS KMS for encryption of data. Configure and attach multiple roles with different permissions based on the different user needs.
upvoted 0 times
...
Xochitl
1 months ago
B) Configure data encryption at rest for EMR File System (EMRFS) on Amazon S3. Configure data encryption in transit for traffic between Amazon S3 and EMRFS. Configure storage and SQL base authorization on HiveServer2.
upvoted 0 times
...
...
Na
2 months ago
Haha, I love the idea of 'Kerberos authentication on the cluster' in Option D. That's some serious security! But I don't think it's the best fit for this scenario.
upvoted 0 times
Nell
8 days ago
Haha, I agree! Option B seems like the best fit for this scenario. It covers both encryption and authorization aspects.
upvoted 0 times
...
Evette
24 days ago
C) Use AWS KMS for encryption of data. Configure and attach multiple roles with different permissions based on the different user needs.
upvoted 0 times
...
Florinda
1 months ago
B) Configure data encryption at rest for EMR File System (EMRFS) on Amazon S3. Configure data encryption in transit for traffic between Amazon S3 and EMRFS. Configure storage and SQL base authorization on HiveServer2.
upvoted 0 times
...
...
Corrinne
2 months ago
I'm leaning towards Option C. Using AWS KMS for encryption and configuring multiple roles with different permissions sounds like a flexible and secure approach.
upvoted 0 times
Moon
4 days ago
That's a valid point. Maybe we should consider Option A as well for a more comprehensive approach.
upvoted 0 times
...
Florinda
5 days ago
But what about using Apache Ranger for authorization? Wouldn't that be more efficient?
upvoted 0 times
...
Tanja
11 days ago
I agree, having multiple roles with different permissions adds an extra layer of security.
upvoted 0 times
...
Oliva
2 months ago
Option C sounds like a good choice. AWS KMS for encryption is reliable.
upvoted 0 times
...
...
Daniel
2 months ago
Option B seems like the way to go. Encrypting the data at rest and in transit, and then configuring authorization on HiveServer2 to limit access to specific databases and tables, is a comprehensive solution.
upvoted 0 times
Ricarda
1 months ago
I agree. It's important to have encryption in place for both storage and data transfer, along with strict authorization controls to protect sensitive information.
upvoted 0 times
...
Stephaine
2 months ago
Option B seems like the way to go. Encrypting the data at rest and in transit, and then configuring authorization on HiveServer2 to limit access to specific databases and tables, is a comprehensive solution.
upvoted 0 times
...
...
Coral
2 months ago
I'm not sure, I think option C could also work well. Using AWS KMS for encryption and attaching roles with different permissions seems like a good approach too.
upvoted 0 times
...
Hannah
2 months ago
I agree with Arlene. Option B seems like the most comprehensive solution to protect the data and limit user access effectively.
upvoted 0 times
...
Arlene
3 months ago
I think option B is the best solution. It covers encryption at rest and in transit, and also limits user access with SQL base authorization on HiveServer2.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77