You work at a company that makes use of AWS resources. One of the key security policies is to ensure that all data is encrypted both at rest and in transit. Which of the following is the right implementation which aligns with this policy?

Answer options:

A.Use S3 Server-side encryption for data encryption at rest and SSL termination on ELB for data encryption in transit.
B.Use S3 Server-side encryption for data encryption in transit and SSL termination on ELB for data encryption at rest.
C.Enabling Proxy Protocol.
D.Enabling sticky sessions on your load balancer.

Answer - A
Option A is CORRECT because enabling S3 SSE encryption will encrypt data at rest for S3 and SSL termination allows encrypted traffic between the client and ELB.Option B is incorrect because Server-side encryption is for encryption at rest and SSL termination on ELB is for encryption in transit.
Option C is incorrect because Proxy protocol will not ensure encryption of data at rest and in transit.
Proxy Protocol feature allows you to identify the client’s connection information when using TCP load balancing, providing additional insight into visitors to your applications. This information can be useful for analyzing traffic logs, gathering connection statistics, troubleshooting, or managing whitelists of IP addresses. With Proxy Protocol support, the client’s IP address and port are included in the header of the request sent to the back-end servers when using TCP load balancing.
Option D is incorrect because enabling sticky sessions is not a feature to help data encryption.