AWS Certified Developer Associate DVA-C02 Practice Question
Which statement accurately describes the relationship between customer-managed keys and AWS-managed keys in AWS Key Management Service (AWS KMS)?
Customer-managed keys give customers full control over the key lifecycle, whereas AWS-managed keys are created and administered by AWS but remain dedicated to the customer's account.
Customer-managed keys cannot be deleted, while AWS-managed keys can be deleted at any time by the customer.
Both customer-managed and AWS-managed keys are created by AWS and shared across multiple AWS accounts by default.
AWS-managed keys give customers full control over rotation and deletion, whereas customer-managed keys are administered entirely by AWS.
Customer-managed keys (CMKs) are created, owned, and fully managed by the customer, giving the customer complete control over policies, rotation, and deletion. AWS-managed keys are automatically created and managed by AWS on the customer's behalf for a specific AWS service, but they reside in and are dedicated to the customer's AWS account. Because customers cannot modify their lifecycle or permissions, AWS-managed keys provide convenience at the cost of granular control. The other options reverse or misstate these roles.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are customer-managed keys in AWS KMS?
Open an interactive chat with Bash
What are AWS managed keys and how do they differ from customer-managed keys?
Open an interactive chat with Bash
What is key rotation in AWS KMS and why is it important?
Open an interactive chat with Bash
AWS Certified Developer Associate DVA-C02
Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access