Multiple Choice
A company plans to migrate a sensitive dataset to Amazon S3. A Security Engineer must ensure that the data is encrypted at rest. The encryption solution must enable the company to generate its own keys without needing to manage key storage or the encryption process. What should the Security Engineer use to accomplish this?
A) Server-side encryption with Amazon S3-managed keys (SSE-S3)
B) Server-side encryption with AWS KMS-managed keys (SSE-KMS)
C) Server-side encryption with customer-provided keys (SSE-C)
D) Client-side encryption with an AWS KMS-managed CMK
Correct Answer:
Verified
Correct Answer:
Verified
Q11: A company's security engineer has been asked
Q12: A company has an application hosted in
Q13: A Software Engineer wrote a customized reporting
Q14: A company will store sensitive documents in
Q15: A company has a serverless application for
Q17: A company requires that IP packet data
Q18: A company wants to encrypt the private
Q19: An organization policy states that all encryption
Q20: An organization receives an alert that indicates
Q21: A company uses AWS Organization to manage