Multiple Choice
A company wants to migrate a workload to AWS. The chief information security officer requires that all data be encrypted at rest when stored in the cloud. The company wants complete control of encryption key lifecycle management. The company must be able to immediately remove the key material and audit key usage independently of AWS CloudTrail. The chosen services should integrate with other storage services that will be used on AWS. Which services satisfies these security requirements?
A) AWS CloudHSM with the CloudHSM client
B) AWS Key Management Service (AWS KMS) with AWS CloudHSM
C) AWS Key Management Service (AWS KMS) with an external key material origin
D) AWS Key Management Service (AWS KMS) with AWS managed customer master keys (CMKs)
Correct Answer:
Verified
Correct Answer:
Verified
Q453: A company has a web server running
Q454: A company is relocating its data center
Q455: A company runs an application on a
Q456: A company is designing a new web
Q457: A company has a highly dynamic batch
Q459: A company has two AWS accounts: Production
Q460: An ecommerce company is experiencing an increase
Q461: A company has a large Microsoft SharePoint
Q462: A company's order fulfillment service uses a
Q463: A company manages its own Amazon EC2