Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C03 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C03 exam
Go to Exam

Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 942 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Associate SAA-C03
Question #: 942
Topic #: 1
[All AWS Certified Solutions Architect - Associate SAA-C03 Questions]

A company regularly uploads confidential data to Amazon S3 buckets for analysis.

The company's security policies mandate that the objects must be encrypted at rest. The company must automatically rotate the encryption key every year. The company must be able to track key rotation by using AWS CloudTrail. The company also must minimize costs for the encryption key.

Which solution will meet these requirements?

  • A. Use server-side encryption with customer-provided keys (SSE-C)
  • B. Use server-side encryption with Amazon S3 managed keys (SSE-S3)
  • C. Use server-side encryption with AWS KMS keys (SSE-KMS)
  • D. Use server-side encryption with customer managed AWS KMS keys
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by nebajp at Aug. 10, 2024, 8:07 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
nebajp
Highly Voted 2 months, 4 weeks ago
Selected Answer: C
SSE keys provided usage fee application and there is no monthly charges, hence its a correct option. D is highly cost option with monthly and usage fee. which is incorrect.
upvoted 5 times
...
XXXXXlNN
Most Recent 2 weeks, 6 days ago
D auto-rotation feature > customer managed key
upvoted 1 times
...
XXXXXlNN
1 month, 1 week ago
D. customer needs to see the logs from Cloudtrail!
upvoted 1 times
sOI852POL
2 weeks, 4 days ago
Even with AWS KMS keys, rotation is logged on ctrail. Answer is D. https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#:~:text=Monitoring%20key%20rotation,key%20was%20rotated.
upvoted 1 times
...
...
sOI852POL
1 month, 3 weeks ago
Selected Answer: C
Answer is C. There is no monthly fee for AWS managed keys https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk
upvoted 2 times
...
elmyth
2 months ago
Selected Answer: C
Customer managed key: Monthly fee (pro-rated hourly) + Per-use fee + rotation and cloudtrail AWS managed key: No monthly fee + Per-use fee (some AWS services pay this fee for you)+ rotation and cloudtrail
upvoted 3 times
...
dhewa
2 months, 2 weeks ago
Selected Answer: D
D gives you control, allows you to customise for example rotation policies to suit your compliance needs.
upvoted 2 times
...
komorebi
2 months, 4 weeks ago
Selected Answer: D
Answer is D
upvoted 4 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel