AWS Certified Solutions Architect Associate SAA-C03 Practice Question

A financial institution utilizes a key management service to enhance the security of its data-at-rest within cloud storage services. They aim to adhere to a stringent security protocol that requires the automatic renewal of encryption materials. Which approach can the institution implement to fulfill this requirement without altering the existing key identifiers or metadata?

  • Establishing a manual process where the keys are only updated in response to a security incident.

  • Creating a new key manually every five years while disabling the old one.

  • Delegating the renewal process until the key reaches its designated expiration period.

  • Enabling automatic renewal for the encryption keys through the service's management console or API.

AWS Certified Solutions Architect Associate SAA-C03
Design Secure Architectures
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Bash, the Crucial Exams Chat Bot
AI Bot