DVA-C02 · Question #562
DVA-C02 Question #562: Real Exam Question with Answer & Explanation
The correct answer is B: Server-side encryption with S3 managed keys (SSE-S3). SSE-S3 is a fully managed encryption solution provided by Amazon S3. It automatically encrypts the documents before storing them and decrypts them when accessed. The encryption keys are managed by Amazon S3, and no third parties (other than the user with the proper permissions) c
Question
A developer is creating a new application that will give users the ability to upload documents to Amazon S3. The contents of the documents must not be accessible to any third party. Which type of encryption will meet this requirement?
Options
- AClient-side encryption by using the S3 Encryption Client with a Raw RSA wrapping key that is
- BServer-side encryption with S3 managed keys (SSE-S3)
- CServer-side encryption with AWS KMS keys (SSE-KMS)
- DDual-layer server-side encryption with AWS KMS keys (DSSE-KMS)
Explanation
SSE-S3 is a fully managed encryption solution provided by Amazon S3. It automatically encrypts the documents before storing them and decrypts them when accessed. The encryption keys are managed by Amazon S3, and no third parties (other than the user with the proper permissions) can access the encrypted data. This solution ensures that the contents of the documents are kept secure and inaccessible to unauthorized parties, while being simple to implement and manage.
Community Discussion
No community discussion yet for this question.