AWS Certified Developer Associate DVA-C02 Practice Question
Your team is preparing to launch an application that will process highly sensitive financial records. To comply with internal security protocols, you need to select the correct key type that will allow your team to dictate the rotation schedule and have the ability to immediately disable the key if a security breach occurs. Which key type should be utilized for encrypting the application's data at rest?
A symmetric key from the Certificate Management service
A managed key in the provider's Key Management Service
A user-generated plaintext key for runtime encryption
A customer-managed key in the Key Management Service
A customer-managed key in KMS should be utilized because it provides the necessary privileges to set a custom rotation schedule and disable the key, meeting the team's requirement for direct control over the encryption key's lifecycle management. Unlike customer-managed keys, managed keys are automatically rotated by the cloud provider and do not offer customers the same granularity of control, such as immediate revocation.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a customer-managed key in AWS KMS?
Open an interactive chat with Bash
What does key rotation mean, and why is it important?
Open an interactive chat with Bash
What are the differences between customer-managed keys and AWS-managed keys?
Open an interactive chat with Bash
AWS Certified Developer Associate DVA-C02
Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access