Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon Exam SCS-C02 Topic 8 Question 34 Discussion

Actual exam question for Amazon's SCS-C02 exam
Question #: 34
Topic #: 8
[All SCS-C02 Questions]

A security engineer is implementing a solution to allow users to seamlessly encrypt Amazon S3 objects without having to touch the keys directly. The solution must be highly scalable without requiring continual management. Additionally, the organization must be able to immediately delete the encryption keys.

Which solution meets these requirements?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Ryann at Sep 14, 2024, 04:32 PM

Limited Time Offer

25%

Off

Get Premium SCS-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Chantay
3 months ago
I'm gonna have to go with option A. Keeping things simple with KMS and being able to nuke those keys on demand? Sounds like a winner to me!
upvoted 0 times
...
Janey
3 months ago
Hah! Option D with the Parameter Store? That's like trying to hide your keys under the doormat. Not very secure if you ask me.
upvoted 0 times
Leota
2 months ago
Leota: Definitely, we need a solution that can encrypt S3 objects seamlessly without compromising security. Option A seems to be the way to go.
upvoted 0 times
...
Leota
2 months ago
User 2: I agree, it's important to have a solution that is both secure and scalable. Option A seems to meet those requirements.
upvoted 0 times
...
Izetta
3 months ago
Option A seems like the best choice. Using AWS KMS with managed keys and ScheduleKeyDeletion API sounds secure and scalable.
upvoted 0 times
...
...
Felicidad
3 months ago
Option C with CloudHSM is interesting, but I'm not sure I want to deal with the extra complexity of a separate hardware appliance.
upvoted 0 times
Latricia
2 months ago
A: Definitely, we want to make sure it's easy to delete the keys when needed without extra complexity.
upvoted 0 times
...
Rozella
2 months ago
That's true, dealing with a separate hardware appliance can add complexity.
upvoted 0 times
...
Ricki
2 months ago
B: I agree, it's important to consider ease of management when choosing a solution.
upvoted 0 times
...
Cammy
2 months ago
C) Use AWS CloudHSM to store the keys and then use the CloudHSM API or the PKCS11 library to delete the keys if necessary.
upvoted 0 times
...
Maryrose
2 months ago
B) Use KMS with AWS imported key material and then use the DeletelmportedKeyMaterial API to remove the key material if necessary.
upvoted 0 times
...
Arlen
2 months ago
A: Option A with AWS KMS managed keys seems like a simple and scalable solution.
upvoted 0 times
...
Gianna
3 months ago
A) Use AWS KMS with AWS managed keys and the ScheduleKeyDeletion API with a PendingWindowInDays set to 0 to remove the keys if necessary.
upvoted 0 times
...
...
Raina
3 months ago
I'm not sure, I think option C) using AWS CloudHSM might be a better choice for securely storing and deleting keys.
upvoted 0 times
...
Gabriele
4 months ago
I agree with Kina, using AWS managed keys and ScheduleKeyDeletion API seems like the most scalable and easy to manage solution.
upvoted 0 times
...
Kina
4 months ago
I think the answer is A) Use AWS KMS with AWS managed keys and the ScheduleKeyDeletion API.
upvoted 0 times
...
Ciara
4 months ago
I'm not sure about option B. Importing your own key material and then trying to delete it? Sounds risky to me.
upvoted 0 times
...
Tammy
4 months ago
Option A looks good to me! AWS KMS with managed keys and the ability to quickly delete them seems like a hassle-free solution.
upvoted 0 times
Christiane
3 months ago
I agree, using AWS KMS with managed keys and the ScheduleKeyDeletion API with a PendingWindowInDays set to 0 seems like the best choice for scalability and easy key management.
upvoted 0 times
...
Val
4 months ago
Option A looks good to me! AWS KMS with managed keys and the ability to quickly delete them seems like a hassle-free solution.
upvoted 0 times
...
...

Save Cancel