Amazon Exam SCS-C01 Topic 7 Question 6 Discussion

Actual exam question for Amazon's SCS-C01 exam

Question #: 6
Topic #: 7

A company needs to encrypt all of its data stored in Amazon S3. The company wants to use AWS Key Management Service (AWS KMS) to create and manage its encryption keys. The company's security policies require the ability to Import the company's own key material for the keys, set an expiration date on the keys, and delete keys immediately, if needed.

How should a security engineer set up AWS KMS to meet these requirements?

AConfigure AWS KMS and use a custom key store. Create a customer managed CMK with no key material Import the company's keys and key material into the CMK

BConfigure AWS KMS and use the default Key store Create an AWS managed CMK with no key material Import the company's key material into the CMK

CConfigure AWS KMS and use the default key store Create a customer managed CMK with no key material import the company's key material into the CMK

DConfigure AWS KMS and use a custom key store. Create an AWS managed CMK with no key material. Import the company's key material into the CMK.

Show Suggested Answer

Suggested Answer: A

by Audra at May 09, 2022, 10:11 AM

Limited Time Offer

25%

Off

Get Premium SCS-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!