AmazonAmazon
DVA-C02 · Question #703
DVA-C02 Question #703: Real Exam Question with Answer & Explanation
Sign in or unlock DVA-C02 to reveal the answer and full explanation for question #703. The question stem and answer options stay visible for context.
Submitted by chiamaka_o· Mar 5, 2026Security
Question
A developer must ensure that sensitive customer data that is stored in an AWS Lambda function is encrypted at rest and in transit. The sensitive data is stored in environment variables within the Lambda function. The developer needs to control encryption key rotation. Which combination of steps will meet these requirements? (Choose two.)
Options
- AUse AWS managed AWS KMS keys. Disable automatic key rotation. Specify the desired custom
- BAssign the necessary AWS KMS permissions to the Lambda function's execution role.
- CUse customer managed AWS KMS keys. Disable automatic key rotation. Modify the rotation
- DUse AWS Certificate Manager (ACM) to provision a public certificate. Set up manual renewal and
- EUpdate the policy for the AWS KMS keys to include any permissions that the Lambda function
Unlock DVA-C02 to see the answer
You've previewed enough free DVA-C02 questions. Unlock DVA-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.