Free AWS Certified Developer Associate DVA-C02 Practice Question

A development team must secure sensitive customer files in cloud-based object storage. The requirements stipulate that the encryption keys used should be under the company's direct control, with an automated process for changing these keys periodically. Which service and configuration would best fulfill these criteria?

  • Adopt a hardware security module service for key storage and institute a manual rotation process

  • Use self-managed keys in Key Management Service set to automatically rotate for object storage server-side encryption

  • Engage a private certificate authority to apply server-side encryption policies to the cloud storage

  • Enable a managed key rotation service within the platform's cloud object storage

This question's topic:
AWS Certified Developer Associate DVA-C02 / 
Security
Your Score:

Check or uncheck an objective to set which questions you will receive.