Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Amazon Exam SCS-C02 Topic 8 Question 34 Discussion

Actual exam question for Amazon's SCS-C02 exam
Question #: 34
Topic #: 8
[All SCS-C02 Questions]

A security engineer is implementing a solution to allow users to seamlessly encrypt Amazon S3 objects without having to touch the keys directly. The solution must be highly scalable without requiring continual management. Additionally, the organization must be able to immediately delete the encryption keys.

Which solution meets these requirements?

Show Suggested Answer Hide Answer
Suggested Answer: A

Contribute your Thoughts:

Chantay
3 days ago
I'm gonna have to go with option A. Keeping things simple with KMS and being able to nuke those keys on demand? Sounds like a winner to me!
upvoted 0 times
...
Janey
5 days ago
Hah! Option D with the Parameter Store? That's like trying to hide your keys under the doormat. Not very secure if you ask me.
upvoted 0 times
...
Felicidad
13 days ago
Option C with CloudHSM is interesting, but I'm not sure I want to deal with the extra complexity of a separate hardware appliance.
upvoted 0 times
...
Raina
17 days ago
I'm not sure, I think option C) using AWS CloudHSM might be a better choice for securely storing and deleting keys.
upvoted 0 times
...
Gabriele
23 days ago
I agree with Kina, using AWS managed keys and ScheduleKeyDeletion API seems like the most scalable and easy to manage solution.
upvoted 0 times
...
Kina
1 months ago
I think the answer is A) Use AWS KMS with AWS managed keys and the ScheduleKeyDeletion API.
upvoted 0 times
...
Ciara
1 months ago
I'm not sure about option B. Importing your own key material and then trying to delete it? Sounds risky to me.
upvoted 0 times
...
Tammy
1 months ago
Option A looks good to me! AWS KMS with managed keys and the ability to quickly delete them seems like a hassle-free solution.
upvoted 0 times
Christiane
21 days ago
User 2: I agree, using AWS KMS with managed keys and the ScheduleKeyDeletion API with a PendingWindowInDays set to 0 seems like the best choice for scalability and easy key management.
upvoted 0 times
...
Val
26 days ago
User 1: Option A looks good to me! AWS KMS with managed keys and the ability to quickly delete them seems like a hassle-free solution.
upvoted 0 times
...
...

Save Cancel