Topic 1 Question 510
An AWS Lambda function generates a 3 MB JSON file and then uploads it to an Amazon S3 bucket daily. The file contains sensitive information, so the developer must ensure that it is encrypted before uploading to the bucket.
Which of the following modifications should the developer make to ensure that the data is encrypted before uploading it to the bucket?
Use the default AWS Key Management Service (AWS KMS) key for Amazon S3 in the Lambda function code.
Use the S3 managed key and call the GenerateDataKey API to encrypt the file.
Use the GenerateDataKey API, then use that data key to encrypt the file in the Lambda function code.
Use an AWS Key Management Service (AWS KMS) customer managed key for Amazon S3 in the Lambda function code.
ユーザの投票
コメント(2)
- 正解だと思う選択肢: C
to make sure encrypt before upload
👍 3Dahlia95242024/12/09 - 正解だと思う選択肢: C
generating a data key, then enc # Generate a data key response = kms.generate_data_key(KeyId=key_id, KeySpec='AES_256') plaintext_key = response['Plaintext'] ciphertext_key = response['CiphertextBlob']rypting and decrypting a small string using that data key
👍 2ShakthiGCP2024/12/13
シャッフルモード