New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon SAP-C02 Exam - Topic 9 Question 33 Discussion

Actual exam question for Amazon's SAP-C02 exam
Question #: 33
Topic #: 9
[All SAP-C02 Questions]

A company needs to use an AWS Transfer Family SFTP-enabled server with an Amazon S3 bucket to receive updates from a third-party data supplier. The data is encrypted with Pretty Good Privacy (PGP) encryption The company needs a solution that will automatically decrypt the data after the company receives the data

A solutions architect will use a Transfer Family managed workflow The company has created an 1AM service role by using an 1AM policy that allows access to AWS Secrets Manager and the S3 bucket The role's trust relationship allows the transfer amazonaws com service to assume the rote

What should the solutions architect do next to complete the solution for automatic decryption'?

Show Suggested Answer Hide Answer
Suggested Answer: C

Store the PGP Private Key:

Step 1: In the AWS Management Console, navigate to AWS Secrets Manager.

Step 2: Store the PGP private key in Secrets Manager. Ensure the key is encrypted and properly secured.

Set Up the Transfer Family Managed Workflow:

Step 1: In the AWS Transfer Family console, create a new managed workflow.

Step 2: Add a nominal step to the workflow that includes the decryption of the files. Configure this step with the PGP decryption parameters, referencing the PGP private key stored in Secrets Manager.

Step 3: Associate this workflow with the Transfer Family SFTP server, ensuring that incoming files are automatically decrypted upon receipt.

This solution ensures that the data is securely decrypted as it is transferred from the SFTP server to the S3 bucket, automating the decryption process and leveraging AWS Secrets Manager for key management.

Reference

AWS Transfer Family Documentation

Using AWS Secrets Manager for Managing Secrets

AWS Transfer Family Managed Workflows


by Berry at Jun 18, 2024, 11:03 AM

Limited Time Offer

25%

Off

Get Premium SAP-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Daryl
3 months ago
I’m surprised this is even a question, it’s pretty basic AWS stuff!
upvoted 0 times
...
Marla
3 months ago
Wait, why would you store the public key? That seems off.
upvoted 0 times
...
Shawana
3 months ago
Definitely going with C, it’s the most straightforward approach.
upvoted 0 times
...
Kris
4 months ago
I think A is better, using the public key makes more sense.
upvoted 0 times
...
Buck
4 months ago
Option C seems right, you need the private key for decryption.
upvoted 0 times
...
Justine
4 months ago
I keep mixing up nominal and exception-handling steps. I wonder if the workflow needs an exception handler for this scenario, but I can't recall the specifics.
upvoted 0 times
...
Latonia
4 months ago
I practiced a similar question where we had to manage keys in Secrets Manager. I think associating the workflow with the Transfer Family server is crucial, which points to option C again.
upvoted 0 times
...
Dana
4 months ago
I'm not entirely sure, but I feel like the public key is used for encryption, not decryption. That makes me lean away from options A and D.
upvoted 0 times
...
Fernanda
5 months ago
I remember we discussed the importance of using the private key for decryption, so I think option C might be the right choice.
upvoted 0 times
...
Moira
5 months ago
This question seems straightforward, but I want to double-check my understanding. The company has already set up the IAM role and the Transfer Family server, so the next step is to configure the workflow to automatically decrypt the incoming data. I'll carefully review the options to ensure I select the right approach.
upvoted 0 times
...
Agustin
5 months ago
Okay, I think I've got this. The key is to add a step in the Transfer Family managed workflow to handle the decryption process. I just need to decide whether to use a nominal step or an exception-handling step, and configure the PGP parameters accordingly.
upvoted 0 times
...
Erick
5 months ago
Hmm, I'm a bit confused about the difference between storing the PGP public key versus the private key in Secrets Manager. I'll need to make sure I understand the encryption and decryption process properly before selecting an answer.
upvoted 0 times
...
Eric
5 months ago
This seems like a straightforward question about setting up automatic decryption for encrypted data received via an AWS Transfer Family SFTP server. I'll need to carefully read through the options and think about the appropriate steps to configure the workflow.
upvoted 0 times
...
Margarett
5 months ago
Okay, let's see. I think the key is understanding what a "process goal" is trying to achieve. I'll need to weigh the options against that.
upvoted 0 times
...
Maia
5 months ago
Hmm, I'm a little unsure about this one. I know there are ways to track time in Ansible, but I can't recall the specific details. I'll need to carefully read through the options and see which ones match the description.
upvoted 0 times
...
Stefany
5 months ago
The key seems to be identifying a product risk, not a process risk. I'll focus on potential issues with the airbag deployment system itself.
upvoted 0 times
...

Save Cancel