Topic 1 Question 475

AWS Certified Developer - Associate

Topic 1 Question 475
A developer manages encryption keys in AWS Key Management Service (AWS KMS). The developer must ensure that all encryption keys can be deleted immediately when the keys are no longer required. The developer wants a solution that is highly available and does not require manual management for compute infrastructure.

Which solution will meet these requirements?
- Use AWS KMS managed keys. When the keys are no longer required, schedule the keys for immediate deletion.
- Use customer managed keys with imported key material. When the keys are no longer required, delete the imported key material.
- Use customer managed keys. When the keys are no longer required, delete the key material.
- Use customer managed keys and an AWS CloudHSM key store. When the keys are no longer required, schedule the keys for immediate deletion.
ユーザの投票
コメント(4)
- 正解だと思う選択肢: B
  https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-delete-key-material.html
  
  👍 2
  ShakthiGCP2024/12/12
- 正解だと思う選択肢: B
  B is the correct answer. A and C are wrong as AWS KMS managed keys (including AWS-managed keys and customer managed keys) cannot be deleted immediately. They must go through a minimum waiting period of 7 days.
  
  👍 2
  Arad2025/01/09
- 正解だと思う選択肢: A
  AWS KMS allows you to schedule the keys for immediate or future deletion. This makes it easy to delete keys without manual intervention.
  
  👍 1
  xdeveloper2024/12/27
シャッフルモード

ユーザの投票

コメント(4)