nerdexam
Amazon

DVA-C02 · Question #700

A development team needs a cost-effective solution to store log files and other unstructured data securely for an application. The solution must encrypt the data in transit and at rest. The developmen

The correct answer is C. Store the data in Amazon S3. Use server-side encryption with AWS KMS keys (SSE-KMS). Use a. Using Amazon S3 with server-side encryption using AWS KMS keys (SSE-KMS) provides encryption at rest and in transit with strong control over encryption keys. The development team can manage key access through KMS key policies and bucket policies, meeting the requirements for key

Submitted by akirajp· Mar 5, 2026Security

Question

A development team needs a cost-effective solution to store log files and other unstructured data securely for an application. The solution must encrypt the data in transit and at rest. The development team needs to control the encryption keys. The development team also needs to control who has access to the keys and how much access each authorized user has. Which solution will meet these requirements?

Options

  • AStore the data in Amazon DynamoDB. Use AWS Secrets Manager to encrypt the data. Create a
  • BStore the data in Amazon S3. Use server-side encryption with Amazon S3 managed keys (SSE-
  • CStore the data in Amazon S3. Use server-side encryption with AWS KMS keys (SSE-KMS). Use a
  • DStore the data in an Amazon DynamoDB database. Use AWS Certificate Manager (ACM) to

How the community answered

(56 responses)
  • A
    4% (2)
  • B
    11% (6)
  • C
    80% (45)
  • D
    5% (3)

Explanation

Using Amazon S3 with server-side encryption using AWS KMS keys (SSE-KMS) provides encryption at rest and in transit with strong control over encryption keys. The development team can manage key access through KMS key policies and bucket policies, meeting the requirements for key control and fine-grained access management.

Community Discussion

No community discussion yet for this question.

Full DVA-C02 Practice