SAA-C03 · Question #168
SAA-C03 Question #168: Real Exam Question with Answer & Explanation
The correct answer is A: Create an AWS Key Management Service (AWS KMS) key without key material. Import the. Option A: Importing customer-managed keys into AWS KMS ensures that encryption key material remains under the company's control. Option D: S3 Glacier with server-side encryption using customer-provided keys (SSE-C) complies with the need for controlled encryption and provides cos
Question
A company stores petabytes of historical medical information on premises. The company has a process to manage encryption of the data to comply with regulations. The company needs a cloud-based solution for data backup, recovery, and archiving. The company must retain control over the encryption key material. Which combination of solutions will meet these requirements? (Select TWO.)
Options
- ACreate an AWS Key Management Service (AWS KMS) key without key material. Import the
- BCreate an AWS Key Management Service (AWS KMS) encryption key that contains key material
- CStore the data in Amazon S3 Standard-Infrequent Access (S3 Standard-IA) storage. Use S3
- DStore the data in an Amazon S3 Glacier storage class. Use server-side encryption with customer-
- EStore the data in AWS Snowball devices. Use server-side encryption with AWS KMS keys (SSE-
Explanation
Option A: Importing customer-managed keys into AWS KMS ensures that encryption key material remains under the company's control. Option D: S3 Glacier with server-side encryption using customer-provided keys (SSE-C) complies with the need for controlled encryption and provides cost-effective storage for backups.
Community Discussion
No community discussion yet for this question.