🔥 3-day streak
AWS Certified Advanced Networking - Specialty37 / 141
Question 37 of 141
A financial services company must inspect all outbound TLS traffic from a centralized inspection VPC using third-party firewall appliances behind a Gateway Load Balancer. A compliance mandate requires that the private keys used for TLS decryption never be exportable in plaintext and that all cryptographic operations be performed on FIPS 140-2 Level 3 validated hardware under the company's sole control. The security team wants to minimize custom key-handling code on the appliances. Which approach BEST satisfies these requirements?
Reviewed for accuracy · Report an issueNext question