AWS Certified Developer Associate DVA-C02 Practice Question
Your organization requires encryption for sensitive data stored in Amazon S3. The security policy mandates that the organization manages its own encryption keys and that encryption must occur before the data leaves the organization's premises. Which encryption method aligns most closely with these requirements?
Server-side encryption with AWS KMS-managed keys (SSE-KMS)
Client-side encryption with a customer-managed encryption key
Server-side encryption with customer-provided keys (SSE-C)
Server-side encryption with Amazon S3-managed keys (SSE-S3)
Client-side encryption is the process where data is encrypted on the client's side (i.e., within the organization's boundary) before it is transferred to the server or service, such as S3. This approach means that the organization retains full control of the encryption keys and manages the encryption process. In this case, client-side encryption best addresses the security policy's requirement for the organization to manage its own encryption keys and for data to be encrypted before it leaves the premises. Server-side encryption involves encrypting data once it has been uploaded to S3, with key management handled by AWS or the customer through AWS Key Management Service (KMS). While it is a secure method, it does not meet the specific requirement of encrypting data before it leaves the organization's premises.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is client-side encryption?
Open an interactive chat with Bash
What is the difference between client-side and server-side encryption?
Open an interactive chat with Bash
What are customer-managed encryption keys in AWS?
Open an interactive chat with Bash
AWS Certified Developer Associate DVA-C02
Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access