Exam AWS Certified Security - Specialty topic 1 question 501 discussion

Exam question from Amazon's AWS Certified Security - Specialty
Question #: 501
Topic #: 1

A company needs its Amazon Elastic Block Store (Amazon EBS) volumes to be encrypted at all times. During a security incident, a security engineer attempts to share a snapshot of a suspicious EBS volume to the company's forensics account for analysis. The security engineer receives the following error:

"Unable to share snapshot: An error occurred (OperationNotPermitted) when calling the ModifySnapshotAttribute operation: Encrypted snapshots with EBS default key cannot be shared."

Which combination of steps should the security engineer take in the incident account to complete the sharing operation? (Choose three.)

  • A. Create an AWS Key Management Service (AWS KMS) customer managed key. Copy the snapshot of the suspicious EBS volume. Encrypt the copy of the snapshot by using the new KMS key.
  • B. Allow principals in the forensics account to use the AWS Key Management Service (AWS KMS) customer managed key by modifying the key policy.
  • C. Launch an Amazon EC2 instance. Attach the encrypted and suspicious EBS volume. Copy the data from the suspicious EBS volume to an unencrypted EBS volume. Create a snapshot of the unencrypted EBS volume.
  • D. Copy the snapshot to the new decrypted snapshot.
  • E. Restore an EBS volume from the snapshot of the suspicious EBS volume. Create an unencrypted EBS volume of the same size.
  • F. Share the encrypted snapshot with the forensics account.
Suggested Answer: ABF

Comments

Raphaello
1 year, 4 months ago
Selected Answer: ABF
Correct answers are ABF.
upvoted 1 times
...
p4v10
2 years, 1 month ago
Selected Answer: ABF
ABF for me as well, as this is a default procedure.
upvoted 4 times
...
cloudenthusiast
2 years, 1 month ago
Selected Answer: ABF
A. The error message indicates that encrypted snapshots with the EBS default key cannot be shared. To address this, the security engineer should create a new AWS KMS customer managed key and use it to encrypt a copy of the snapshot. This allows the sharing of the encrypted copy while maintaining encryption at all times.
B. To enable the forensics account to access and use the AWS KMS customer managed key for decrypting the shared snapshot, the security engineer should modify the key policy to allow the necessary permissions for principals in the forensics account. This ensures that they can decrypt and access the shared snapshot.
F. Once the encrypted copy of the snapshot has been created and the key policy has been modified to allow access, the security engineer can share the encrypted snapshot with the forensics account. This will allow the forensics account to access and analyze the snapshot while maintaining encryption.
upvoted 3 times
...
Mark1000
2 years, 1 month ago
ABF. These are the correct options. I generate a new KMS customer managed key (as the default key does not allow sharing with other accounts), I clone the volume and encrypt it with the new key. I give permissions of use to the forensics account (to its principal) and share it with the account.
upvoted 1 times
...
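Steps A, B and F from the answers above, sketched with boto3 as an added example that is not part of the original question or comments. The function names, the key description and the exact list of KMS actions granted to the forensics account are assumptions; `ec2` and `kms` are boto3 clients for the incident account, passed in by the caller.

```python
import json

def forensics_statements(account_id):
    """Key policy statements for the forensics account (action list is an assumption)."""
    principal = {"AWS": f"arn:aws:iam::{account_id}:root"}
    return [
        {"Sid": "ForensicsUseOfKey", "Effect": "Allow", "Principal": principal,
         "Action": ["kms:Decrypt", "kms:DescribeKey", "kms:ReEncrypt*",
                    "kms:GenerateDataKey*"],
         "Resource": "*"},
        # Grants are limited to AWS services (EBS) acting for the forensics account.
        {"Sid": "ForensicsGrantsForEBS", "Effect": "Allow", "Principal": principal,
         "Action": "kms:CreateGrant", "Resource": "*",
         "Condition": {"Bool": {"kms:GrantIsForAWSResource": "true"}}},
    ]

def merge_policy(policy_json, statements):
    """Add statements to a key policy, replacing same-Sid entries so reruns are idempotent."""
    policy = json.loads(policy_json)
    sids = {s["Sid"] for s in statements}
    kept = [s for s in policy["Statement"] if s.get("Sid") not in sids]
    policy["Statement"] = kept + statements
    return json.dumps(policy)

def share_snapshot(ec2, kms, snapshot_id, region, forensics_account_id):
    """Run steps A, B, F; returns (id of the shareable copy, key ARN)."""
    # A: create a customer managed key and copy the snapshot, re-encrypting under it.
    key_arn = kms.create_key(Description="IR snapshot sharing")["KeyMetadata"]["Arn"]
    copy_id = ec2.copy_snapshot(SourceSnapshotId=snapshot_id, SourceRegion=region,
                                Encrypted=True, KmsKeyId=key_arn)["SnapshotId"]
    ec2.get_waiter("snapshot_completed").wait(SnapshotIds=[copy_id])
    # B: allow principals in the forensics account to use the key.
    current = kms.get_key_policy(KeyId=key_arn, PolicyName="default")["Policy"]
    updated = merge_policy(current, forensics_statements(forensics_account_id))
    kms.put_key_policy(KeyId=key_arn, PolicyName="default", Policy=updated)
    # F: share the encrypted copy (never the original default-key snapshot).
    ec2.modify_snapshot_attribute(SnapshotId=copy_id,
                                  Attribute="createVolumePermission",
                                  OperationType="add",
                                  UserIds=[forensics_account_id])
    return copy_id, key_arn
```

The data stays encrypted throughout: the copy is re-encrypted under the new key, and the forensics account can only read it through the permissions added to that key's policy.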