A company has a requirement to create a DynamoDB table. The company’s software architect has provided the following CLI command for the DynamoDB table
aws dynamodb create-table \
--table-name Customers \
--attribute-definitions \
AttributeName=ID,AttributeType=S \
AttributeName=Name,AttributeType=S \
--key-schema \
AttributeName=ID,KeyType=HASH \
AttributeName=Name,KeyType=RANGE \
--provisioned-throughput \
ReadCapacityUnits=10,WriteCapacityUnits=5 \
--sse-specification Enabled=true
Which of the following has been taken care of from a security perspective from the above command?

Answer options:

A.Since the ID is hashed, it ensures the security of the underlying table.
B.The above command ensures data encryption at rest for the Customer table.
C.The above command ensures data encryption in transit for the Customer table.
D.The right throughput has been specified from a security perspective.

Answer: B
Options A is incorrect because hashing the ID does not provide security to the underlying table. Hashing is mainly used for better indexing.
Option B is CORRECT because the command with “--sse-specification Enabled=true“ parameter ensures that the data for the DynamoDB table is encrypted at rest, which complies with our security requirement.
Option C is incorrect because sse-specification provides encryption at rest and not encryption in transit.
Option D is incorrect because providing the right throughput does not satisfy our security requirements with the table.
For more information on DynamoDB encryption, kindly refer to the following URL:
https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/encryption.tutorial.html