Topic 1 Question 214
A company uses AWS Key Management Service (AWS KMS). During an attempt to attach an encrypted Amazon Elastic Block Store (Amazon EBS) volume to an Amazon EC2 instance, the attachment fails. The company discovers that a customer managed key has become unusable because the key material for the key was deleted. The company needs the data that is on the EBS volume.
A security engineer must recommend a solution to decrypt the EBS volume’s encrypted data key. The solution must also attach the volume to the EC2 instance.
Which solution will meet these requirements?
Import new key material into the key. Attach the EBS volume.
Restore the EBS volume from a snapshot that was taken before the deletion of the key material.
Reimport the same key material that originally was imported into the key. Attach the EBS volume.
Create a new key. Import new key material. Attach the EBS volume.
ユーザの投票
コメント(7)
- 正解だと思う選択肢: C
The snapshot will be encrypted with the same key that was deleted so decryption of the snapshot will be impossible. Importing the same key material as the deleted key will restore the ability to decrypt the volume.
👍 1DSExam2024/11/04 - 正解だと思う選択肢: C
C] only way is to import the delete material if you still have it somewhere, B] does not wotk because snapshots are encrypted as well
👍 1723993f2024/11/25 - 正解だと思う選択肢: C
C is the only possible way to try to decrypt if the key material was not lost
👍 1jdx0002024/11/26
シャッフルモード