Topic 1 Question 1009
A company runs an environment where data is stored in an Amazon S3 bucket. The objects are accessed frequently throughout the day. The company has strict da ta encryption requirements for data that is stored in the S3 bucket. The company currently uses AWS Key Management Service (AWS KMS) for encryption.
The company wants to optimize costs associated with encrypting S3 objects without making additional calls to AWS KMS.
Which solution will meet these requirements?
Use server-side encryption with Amazon S3 managed keys (SSE-S3).
Use an S3 Bucket Key for server-side encryption with AWS KMS keys (SSE-KMS) on the new objects.
Use client-side encryption with AWS KMS customer managed keys.
Use server-side encryption with customer-provided keys (SSE-C) stored in AWS KMS.
ユーザの投票
コメント(6)
- 正解だと思う選択肢: B👍 78621a7c2024/10/16
- 正解だと思う選択肢: A
All S3 are now encrypted by default and free with SSE-S3, but B is also possible.
👍 3elmyth2024/10/22 optimize costs associated with encrypting S3 objects without making additional calls to AWS KMS. The answer should be A and it also optimize costs- free.
👍 2djhtoon2024/11/12
シャッフルモード