AmazonAmazon
DEA-C01 · Question #40
DEA-C01 Question #40: Real Exam Question with Answer & Explanation
Sign in or unlock DEA-C01 to reveal the answer and full explanation for question #40. The question stem and answer options stay visible for context.
Data Security and Governance
Question
A company receives call logs as Amazon S3 objects that contain sensitive customer information. The company must protect the S3 objects by using encryption. The company must also use encryption keys that only specific employees can access. Which solution will meet these requirements with the LEAST effort?
Options
- AUse an AWS CloudHSM cluster to store the encryption keys. Configure the process that writes to
- BUse server-side encryption with customer-provided keys (SSE-C) to encrypt the objects that
- CUse server-side encryption with AWS KMS keys (SSE-KMS) to encrypt the objects that contain
- DUse server-side encryption with Amazon S3 managed keys (SSE-S3) to encrypt the objects that
Unlock DEA-C01 to see the answer
You've previewed enough free DEA-C01 questions. Unlock DEA-C01 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#S3 Encryption#AWS KMS#Key Management#Access Control