Your team is preparing to launch an application that will process highly sensitive financial records. To comply with internal security protocols, you need to select the correct key type that will allow your team to dictate the rotation schedule and have the ability to immediately disable the key if a security breach occurs. Which key type should be utilized for encrypting the application's data at rest?
A user-generated plaintext key for runtime encryption
A symmetric key from the Certificate Management service
A managed key in the provider's Key Management Service
A customer-managed key in the Key Management Service