DEA-C01 Question #60: Real Exam Question with Answer & Explanation

Sign in or unlock DEA-C01 to reveal the answer and full explanation for question #60. The question stem and answer options stay visible for context.

Data Security and Governance

Question

Company DEF has a strict security policy that mandates that all data at rest in Amazon S3 must be encrypted. They want to ensure that the encryption keys are managed by AWS, but they also want the flexibility to change the encryption keys when required. Which of the following encryption methods best meets Company DEF's requirements?

Options

AServer-Side Encryption with Customer-Provided Keys (SSE-C).
BServer-Side Encryption with Amazon S3 Managed Keys (SSE-S3).
CServer-Side Encryption with AWS Key Management Service (SSE-KMS).
DClient-Side Encryption with a client-side master key.

Unlock DEA-C01 to see the answer

You've previewed enough free DEA-C01 questions. Unlock DEA-C01 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock DEA-C01 - $49.99 / 30 days Sign in

Topics

#S3 encryption#AWS KMS#Data Security#Key Management

Full DEA-C01 Practice Browse All DEA-C01 Questions