Topic 1 Question 942
A company regularly uploads confidential data to Amazon S3 buckets for analysis.
The company's security policies mandate that the objects must be encrypted at rest. The company must automatically rotate the encryption key every year. The company must be able to track key rotation by using AWS CloudTrail. The company also must minimize costs for the encryption key.
Which solution will meet these requirements?
Use server-side encryption with customer-provided keys (SSE-C)
Use server-side encryption with Amazon S3 managed keys (SSE-S3)
Use server-side encryption with AWS KMS keys (SSE-KMS)
Use server-side encryption with customer managed AWS KMS keys
ユーザの投票
コメント(15)
- 正解だと思う選択肢: C
SSE keys provided usage fee application and there is no monthly charges, hence its a correct option. D is highly cost option with monthly and usage fee. which is incorrect.
👍 9nebajp2024/08/10 - 正解だと思う選択肢: D
Answer is D
👍 4komorebi2024/08/10 - 正解だと思う選択肢: C
Customer managed key: Monthly fee (pro-rated hourly) + Per-use fee + rotation and cloudtrail AWS managed key: No monthly fee + Per-use fee (some AWS services pay this fee for you)+ rotation and cloudtrail
👍 4elmyth2024/09/01
シャッフルモード