{"id":117,"date":"2021-01-04T08:10:00","date_gmt":"2021-01-04T08:10:00","guid":{"rendered":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/aws-certified-security-specialty-scs-c01-question110\/"},"modified":"2021-01-04T08:10:00","modified_gmt":"2021-01-04T08:10:00","slug":"aws-certified-security-specialty-scs-c01-question110","status":"publish","type":"post","link":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/aws-certified-security-specialty-scs-c01-question110\/","title":{"rendered":"AWS Certified Security – Specialty SCS-C01 – Question110"},"content":{"rendered":"
A Security Engineer must implement mutually authenticated TLS connections between containers that communicate inside a VPC. Which solution would be MOST secure and easy to maintain?

A.<\/strong> Use AWS Certificate Manager to generate certificates from a public certificate authority and deploy them to all the containers.
B.<\/strong> Create a self-signed certificate in one container and use AWS Secrets Manager to distribute the certificate to the other containers to establish trust.
C.<\/strong> Use AWS Certificate Manager Private Certificate Authority (ACM PCA) to create a subordinate certificate authority, then create the private keys in the containers and sign them using the ACM PCA API.
D.<\/strong> Use AWS Certificate Manager Private Certificate Authority (ACM PCA) to create a subordinate certificate authority, then use AWS Certificate Manager to generate the private certificates and deploy them to all the containers.<\/div>\n

<\/p>\n