Which Amazon EC2 feature allows customers to securely convert highly sensitive data into tokens?

The correct answer highlights a feature of Amazon EC2 called Nitro Enclaves, which is specifically designed for processing highly sensitive data in a secure manner. Nitro Enclaves enables the creation of isolated compute environments, which allows customers to run workloads that require stringent data protections. This means that within these enclaves, sensitive data can be processed while ensuring strict access control and a secure environment.

Nitro Enclaves uses virtualized environments to provide strong isolation from the host and other workloads, making it ideal for handling sensitive data without the risk of exposure or data breaches. By utilizing these enclaves, organizations can convert highly sensitive data into tokens securely. Tokenization helps to protect sensitive information by replacing it with a non-sensitive equivalent that cannot be reverse-engineered easily.

The other options, while related to security and data protection, do not specifically address the need for secure conversion of sensitive data into tokens. For example, AWS KMS (Key Management Service) is used for managing encryption keys and securing data at rest and in transit but does not provide the same level of data isolation as Nitro Enclaves. Similarly, Amazon GuardDuty is a threat detection service and Amazon Detective aids in security investigation and analysis, but neither offers features specifically tailored for tokenization in