exam questions

Exam AWS Certified Security - Specialty SCS-C02 All Questions

View all questions & answers for the AWS Certified Security - Specialty SCS-C02 exam

Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 72 discussion

A company plans to use AWS Key Management Service (AWS KMS) to implement an encryption strategy to protect data at rest. The company requires client-side encryption for company projects. The company is currently conducting multiple projects to test the company's use of AWS KMS. These tests have led to a sudden increase in the company's AWS resource consumption. The test projects include applications that issue multiple requests each second to KMS endpoints for encryption activities.

The company needs to develop a solution that does not throttle the company's ability to use AWS KMS. The solution must improve key usage for client-side encryption and must be cost optimized.

Which solution will meet these requirements?

  • A. Use keyrings with the AWS Encryption SDK. Use each keyring individually or combine keyrings into a multi-keyring. Decrypt the data by using a keyring that has the primary key in the multi-keyring.
  • B. Use data key caching. Use the local cache that the AWS Encryption SDK provides with a caching cryptographic materials manager.
  • C. Use KMS key rotation. Use a local cache in the AWS Encryption SDK with a caching cryptographic materials manager.
  • D. Use keyrings with the AWS Encryption SDK. Use each keyring individually or combine keyrings into a multi-keyring. Use any of the wrapping keys in the multi-keyring to decrypt the data.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Daniel76
11 months, 1 week ago
Selected Answer: B
"Caching can reduce your use of cryptographic services, such as AWS Key Management Service (AWS KMS). If you are hitting your AWS KMS requests-per-second limit, caching can help." https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/data-key-caching.html
upvoted 1 times
...
WeepingMaplte
11 months, 3 weeks ago
Local key cache: Implement local key caching in your applications to store frequently used encryption keys, reducing the number of calls to KMS. Consider libraries like AWS Encryption SDK for secure key cache management.
upvoted 1 times
...
Aamee
1 year ago
Shouldn't it be 'D'? Couldn't verify the source for the option of 'C' being correct anywhere.
upvoted 1 times
helloworldabc
2 months, 2 weeks ago
just B
upvoted 1 times
...
...
lmimi
1 year ago
I vote for B
upvoted 1 times
...
AgboolaKun
1 year ago
Selected Answer: B
Data key caching helps to improve performance, reduce cost, and help stay within limit as your key usage increases without throttling - https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/data-key-caching.html
upvoted 4 times
...
[Removed]
1 year ago
Selected Answer: B
B seems right https://repost.aws/knowledge-center/kms-throttlingexception-error
upvoted 1 times
...
oioi
1 year ago
Selected Answer: B
correct
upvoted 1 times
oioi
1 year ago
C is correct
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...