A company wants to build a scalable key management infrastructure to support developers who need to encrypt data in their applications. What should a solutions architect do to reduce the operational burden?
A.
Use multi-factor authentication (MFA) to protect the encryption keys.
B.
Use AWS Key Management Service (AWS KMS) to protect the encryption keys.
C.
Use AWS Certificate Manager (ACM) to create, store, and assign the encryption keys.
D.
Use an IAM policy to limit the scope of users who have access permissions to protect the encryption keys.
wrote exam today and got this question, marked B
other new questions :
1.how to monitor swapmemory issue on ec2linux instnaces
2.how to scale rds oracle db automatically (multiple choice) - enable scaling and track averagefreememory available metric
3. transfer 10Tb of data from on prem to AWS within 72 hours
Also many questions from this site
1. Install a CloudWatch agent on the instance to collect the various system metrics/logs and configure it forward this to CloudWatch. You might need to enable "Detailed Monitoring" if the default 5 minute period is too long.
A company collects 10 GB of telemetry data dairy from various machines. The company stores the data in an
Amazon S3 bucket in a source data account.
The company has hired several consuming agencies to use this data for analysis. Each agency needs read
access to the data for its analysis. The company must share the data from tie source data account by choosing a
solution that maximizes security and operational efficiency. Which solution will meet these requirements?
Configure S3 global tables to replicate data tor each agency
Make the S3 bucket public for a limited time Inform only the agencies
Configure cross-account access for the S3 bucket to the accounts that the agencies own.
Set up an IAM user for each analyst In the source data account Grant each user access to the S3 bucket
Can you answer this?
B is the correct one
https://aws.amazon.com/kms/faqs/#:~:text=If%20you%20are%20a%20developer%20who%20needs%20to%20digitally,a%20broad%20set%20of%20industry%20and%20regional%20compliance%20regimes.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
quangquydw
Highly Voted 3 years, 8 months agoamshivraj
Highly Voted 3 years, 8 months agoNkd
3 years, 7 months agoJamati
3 years, 7 months agoSwap859
3 years, 3 months agocutecolt
3 years, 1 month agoRoot_Access
Most Recent 2 years, 9 months agoA_G50
2 years, 10 months agoxAlx
3 years, 7 months agohz78
3 years, 8 months agoswadeey
3 years, 8 months ago