Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon Exam SAA-C03 Topic 14 Question 24 Discussion

Actual exam question for Amazon's SAA-C03 exam
Question #: 24
Topic #: 14
[All SAA-C03 Questions]

A company is preparing to store confidential data in Amazon S3 For compliance reasons the data must be encrypted at rest Encryption key usage must be logged tor auditing purposes. Keys must be rotated every year.

Which solution meets these requirements and the MOST operationally efferent?

Show Suggested Answer Hide Answer
Suggested Answer: A

A) How do you protect your data in transit?

Best Practices:

Implement secure key and certificate management: Store encryption keys and certificates securely and rotate them at appropriate time intervals while applying strict access control; for example, by using a certificate management service, such as AWS Certificate Manager (ACM).

Enforce encryption in transit: Enforce your defined encryption requirements based on appropriate standards and recommendations to help you meet your organizational, legal, and compliance requirements.

Automate detection of unintended data access: Use tools such as GuardDuty to automatically detect attempts to move data outside of defined boundaries based on data classification level, for example, to detect a trojan that is copying data to an unknown or untrusted network using the DNS protocol.

Authenticate network communications: Verify the identity of communications by using protocols that support authentication, such as Transport Layer Security (TLS) or IPsec.

https://wa.aws.amazon.com/wat.question.SEC_9.en.html


by Elli at Oct 22, 2023, 04:37 AM

Limited Time Offer

25%

Off

Get Premium SAA-C03 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Galen
1 months ago
I'm just glad I don't have to remember to rotate the keys myself. Imagine if they made us do that by carrier pigeon or something. Technology, FTW!
upvoted 0 times
Honey
9 days ago
Exactly! Technology definitely makes our lives easier.
upvoted 0 times
...
Zona
19 days ago
That sounds like a lifesaver. No more manual key rotation for us!
upvoted 0 times
...
James
21 days ago
Use AWS Key Management Service (KMS) to manage encryption keys and enable key rotation
upvoted 0 times
...
...
Leah
1 months ago
Wow, these compliance requirements are tougher than my in-laws' expectations. Good thing AWS has solutions to make our lives easier!
upvoted 0 times
...
Penney
1 months ago
Definitely option D. Who wants to remember to rotate the keys manually every year? AWS KMS with automatic rotation is the way to go. Less headaches, more security.
upvoted 0 times
Leonida
9 days ago
AWS KMS with automatic rotation is a smart choice for ensuring data security and compliance with minimal effort.
upvoted 0 times
...
Edgar
19 days ago
It's important to have that extra layer of security and automation with AWS KMS for encryption keys.
upvoted 0 times
...
Noelia
22 days ago
Automatic rotation definitely makes it easier to stay compliant with key rotation requirements.
upvoted 0 times
...
Bong
23 days ago
I agree, option D with AWS KMS automatic rotation is the best choice for security and efficiency.
upvoted 0 times
...
...
Janessa
1 months ago
Hmm, SSE-KMS with manual key rotation? That sounds like a lot of manual work. I'd rather have the system handle it automatically if possible.
upvoted 0 times
...
Colton
2 months ago
I'd go with option D. Automatic key rotation takes care of the yearly requirement, and the logging feature ensures auditability. Seems like the most operationally efficient choice.
upvoted 0 times
Lavelle
6 days ago
User4: Logging the encryption key usage is crucial for compliance reasons.
upvoted 0 times
...
Bok
14 days ago
I agree, the logging feature for auditing purposes is also important.
upvoted 0 times
...
Daryl
19 days ago
Option D sounds like the best choice. Automatic key rotation is convenient.
upvoted 0 times
...
Loreta
21 days ago
User3: Automatic key rotation definitely simplifies the yearly requirement.
upvoted 0 times
...
Layla
29 days ago
User2: I agree, it seems like the most operationally efficient solution.
upvoted 0 times
...
Desmond
1 months ago
User1: Option D sounds like the best choice. Automatic key rotation and logging for auditing purposes.
upvoted 0 times
...
...
Alishia
2 months ago
SSE-KMS with automatic key rotation sounds like the perfect solution to meet the compliance requirements and minimize operational overhead. Logging the encryption key usage for auditing is a great feature too.
upvoted 0 times
...
Quentin
2 months ago
But wouldn't manual rotation give us more control over the encryption keys and auditing purposes?
upvoted 0 times
...
Hoa
2 months ago
I disagree, I believe D) Server-side encryption with AWS KMS customer master keys with automated rotation is more operationally efficient.
upvoted 0 times
...
Quentin
2 months ago
I think the best solution is C) Server-side encryption with AWS KMS customer master keys with manual rotation.
upvoted 0 times
...

Save Cancel