Multiple Choice
A company has recently updated its internal security standards. The company must now ensure all Amazon S3 buckets and Amazon Elastic Block Store (Amazon EBS) volumes are encrypted with keys created and periodically rotated by internal security specialists. The company is looking for a native, software-based AWS service to accomplish this goal. What should a solutions architect recommend as a solution?
A) Use AWS Secrets Manager with customer master keys (CMKs) to store master key material and apply a routine to create a new CMK periodically and replace it in AWS Secrets Manager.
B) Use AWS Key Management Service (AWS KMS) with customer master keys (CMKs) to store master key material and apply a routine to re-create a new key periodically and replace it in AWS KMS.
C) Use an AWS CloudHSM cluster with customer master keys (CMKs) to store master key material and apply a routine to re-create a new key periodically and replace it in the CloudHSM cluster nodes.
D) Use AWS Systems Manager Parameter Store with customer master keys (CMKs) to store master key material and apply a routine to re-create a new key periodically and replace it in the Parameter Store.
Correct Answer:
Verified
Correct Answer:
Verified
Q444: A company wants to deploy a shared
Q445: A company needs to provide its employees
Q446: A company has several business systems that
Q447: A company has a popular gaming platform
Q448: A company has global users accessing an
Q450: A company has multiple applications that use
Q451: A company has an application workflow that
Q452: A company hosts an application on multiple
Q453: A company has a web server running
Q454: A company is relocating its data center