Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon DVA-C02 Exam - Topic 4 Question 38 Discussion

A developer is creating an Amazon DynamoDB table by using the AWS CLI The DynamoDB table must use server-side encryption with an AWS owned encryption keyHow should the developer create the DynamoDB table to meet these requirements?
D) Create the DynamoDB table with the default encryption options
A) Create an AWS Key Management Service (AWS KMS) customer managed key. Provide the key's Amazon Resource Name (ARN) in the KMSMasterKeyld parameter during creation of the DynamoDB table
B) Create an AWS Key Management Service (AWS KMS) AWS managed key Provide the key's Amazon Resource Name (ARN) in the KMSMasterKeyld parameter during creation of the DynamoDB table
C) Create an AWS owned key Provide the key's Amazon Resource Name (ARN) in the KMSMasterKeyld parameter during creation of the DynamoDB table.

Amazon DVA-C02 Exam - Topic 4 Question 38 Discussion

Actual exam question for Amazon's DVA-C02 exam
Question #: 38
Topic #: 4
[All DVA-C02 Questions]

A developer is creating an Amazon DynamoDB table by using the AWS CLI The DynamoDB table must use server-side encryption with an AWS owned encryption key

How should the developer create the DynamoDB table to meet these requirements?

Show Suggested Answer Hide Answer
Suggested Answer: D

Default SSE in DynamoDB:DynamoDB tables are encrypted at rest by default using an AWS owned key (SSE-S3).

No Additional Action Needed:Creating a table without explicitly specifying a KMS key will use this default encryption.


DynamoDB Server-Side Encryption:https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Encryption

by Cathern at Sep 19, 2024, 06:28 AM

Limited Time Offer

25%

Off

Get Premium DVA-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Tuyet
6 months ago
I'm not sure about B, isn't that for customer managed keys?
upvoted 0 times
...
Julie
6 months ago
Totally agree with D, it's the simplest approach!
upvoted 0 times
...
Adell
7 months ago
Wait, does anyone actually use AWS owned keys? Seems risky.
upvoted 0 times
...
Vi
7 months ago
I think A is better, you need a managed key for more control.
upvoted 0 times
...
Bernadine
7 months ago
Option D is the way to go for default encryption!
upvoted 0 times
...
Verona
7 months ago
I vaguely recall that using a customer managed key requires more setup, so I don't think option A is what we're looking for here.
upvoted 0 times
...
Aleisha
7 months ago
I practiced a similar question where we had to choose between managed and owned keys, and I think the default encryption options could be a safe bet. That might be option D.
upvoted 0 times
...
Nohemi
8 months ago
I'm a bit unsure about the KMS options. I feel like I might have mixed up managed and owned keys in my study notes.
upvoted 0 times
...
Denna
8 months ago
I remember that AWS owned keys are automatically managed by AWS, so I think option C might be the right choice.
upvoted 0 times
...
Kristel
8 months ago
Hmm, this is a tricky one. I'm leaning towards option A, since it mentions using a customer managed key. But I'll need to re-read the question to make sure that's what they're looking for.
upvoted 0 times
...
Sang
8 months ago
I'm pretty confident that option B is the correct answer. The question states we need to use an AWS managed key, and that's what option B describes.
upvoted 0 times
...
Lashaunda
8 months ago
I'm a bit confused here. Do I need to create a custom KMS key, or can I just use the default encryption options? I'll have to double-check the details.
upvoted 0 times
...
Audry
8 months ago
Okay, I think I've got this. The key is that the table needs to use server-side encryption with an AWS owned encryption key, so option C seems like the right choice.
upvoted 0 times
...
Tammara
8 months ago
Hmm, this one looks tricky. I'll need to carefully read through the options and think about the requirements.
upvoted 0 times
...
Carman
8 months ago
Okay, let me see. I think option C sounds right - a warning with a countdown before the session times out. But I'm not 100% confident on that.
upvoted 0 times
...
Ronna
2 years ago
I'm not sure, but I think option D might be easier and quicker to implement. Default encryption could be sufficient for some cases.
upvoted 0 times
...
Huey
2 years ago
I agree with Vallie. Using a customer managed key provides more control over encryption and security.
upvoted 0 times
...
Casey
2 years ago
Wait, we're supposed to create an AWS owned key? I thought that was like a secret club that only AWS employees could access.
upvoted 0 times
...
Sheridan
2 years ago
Haha, this question is a real brain-teaser. I bet the developer is wishing they had a crystal ball right about now.
upvoted 0 times
Benton
2 years ago
C) Create an AWS owned key Provide the key's Amazon Resource Name (ARN) in the KMSMasterKeyld parameter during creation of the DynamoDB table.
upvoted 0 times
...
Dannie
2 years ago
B) Create an AWS Key Management Service (AWS KMS) AWS managed key Provide the key's Amazon Resource Name (ARN) in the KMSMasterKeyld parameter during creation of the DynamoDB table
upvoted 0 times
...
Raina
2 years ago
A) Create an AWS Key Management Service (AWS KMS) customer managed key. Provide the key's Amazon Resource Name (ARN) in the KMSMasterKeyld parameter during creation of the DynamoDB table
upvoted 0 times
...
...
Vallie
2 years ago
I think the developer should choose option A and create a customer managed key for server-side encryption.
upvoted 0 times
...
Phuong
2 years ago
I'm not so sure about that. Isn't it better to use a customer managed key from AWS KMS? That way, you have more control over the encryption.
upvoted 0 times
...
Belen
2 years ago
Option B is the correct answer. The developer should use an AWS managed key from AWS KMS to encrypt the DynamoDB table.
upvoted 0 times
Lura
2 years ago
Option B is the correct answer. The developer should use an AWS managed key from AWS KMS to encrypt the DynamoDB table.
upvoted 0 times
...
Georgiann
2 years ago
B) Create an AWS Key Management Service (AWS KMS) AWS managed key Provide the key's Amazon Resource Name (ARN) in the KMSMasterKeyld parameter during creation of the DynamoDB table
upvoted 0 times
...
...

Save Cancel