A technician is migrating a database from an on-premises server to a cloud platform. The database contains sensitive customer information. The company requires that data be encrypted both at rest and in transit. Which combination of technologies should the technician implement?
TLS secures data during transmission, and AES-256 (via cloud provider encryption) secures stored data, meeting both requirements.
Why this answer
For data in transit, TLS/SSL encrypts communication between the application and the database. For data at rest, the cloud provider's encryption feature (e.g., AWS EBS encryption or Azure SQL TDE) encrypts the stored data. AES-256 is a common encryption standard for at-rest data, but it must be implemented by the provider's service.