Examtopics

AWS Certified Solutions Architect - Associate

644
646

Topic 1 Question 645
A company is required to use cryptographic keys in its on-premises key manager. The key manager is outside of the AWS Cloud because of regulatory and compliance requirements. The company wants to manage encryption and decryption by using cryptographic keys that are retained outside of the AWS Cloud and that support a variety of external key managers from different vendors.

Which solution will meet these requirements with the LEAST operational overhead?
- Use AWS CloudHSM key store backed by a CloudHSM cluster.
- Use an AWS Key Management Service (AWS KMS) external key store backed by an external key manager.
- Use the default AWS Key Management Service (AWS KMS) managed key store.
- Use a custom key store backed by an AWS CloudHSM cluster.
ユーザの投票
コメント(7)
- 正解だと思う選択肢: B
  https://docs.aws.amazon.com/kms/latest/developerguide/keystore-external.html
  
  👍 4
  potomac2023/11/07
- 正解だと思う選択肢: B
  https://docs.aws.amazon.com/kms/latest/developerguide/keystore-external.html#:~:text=Document%20history-,External%20key%20stores,-PDF
  
  👍 2
  TariqKipkemei2023/12/04
- 正解だと思う選択肢: B
  Keys are supposed to be managed "outside of the AWS cloud", thus A, C and D are out.
  
  👍 2
  pentium752024/01/02
シャッフルモード

644
646