Topic 1 Question 205
A company has an AWS Key Management Service (AWS KMS) customer managed key with imported key material. Company policy requires all encryption keys to be rotated every year.
What should a security engineer do to meet this requirement for this customer managed key?
Enable automatic key rotation annually for the existing customer managed key.
Use the AWS CLI to create an AWS Lambda function to rotate the existing customer managed key annually.
Import new key material to the existing customer managed key. Manually rotate the key.
Create a new customer managed key. Import new key material to the new key. Point the key alias to the new key.
ユーザの投票
コメント(7)
- 正解だと思う選択肢: D
Option D make more sense
👍 2mikelord2024/10/03 - 正解だと思う選択肢: D
Correct answer is D
👍 2gkaself2024/10/16 Why not C? I think C is correct. D is viable, but it hasmore operational overhead
👍 1imymoco2024/10/21
シャッフルモード