You are creating an application which stores extremely sensitive financial information. All information in the system must be encrypted at rest and in transit. Which of these is a violation of this policy?

Answer options:

A.ELB SSL termination.
B.ELB Using Proxy Protocol v1.
C.CloudFront Viewer Protocol Policy set to HTTPS redirection.
D.Telling S3 to use AES256 on the server-side.

Answer – A
 If you use SSL termination, your servers will always get non-secure connections and will never know whether users used a more secure channel or not.
If you are using Elastic beanstalk to configure the ELB, you can use the below article to ensure end to end encryption.
http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/configuring-https-endtoend.html