ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Developer Associate All Questions

View all questions & answers for the AWS Certified Developer Associate exam
Go to Exam

Exam AWS Certified Developer Associate topic 1 question 146 discussion

Exam question from Amazon's AWS Certified Developer Associate
Question #: 146
Topic #: 1
[All AWS Certified Developer Associate Questions]

A developer is using an AWS Key Management Service (AWS KMS) customer master key (CMK) with imported key material to encrypt data in Amazon S3. The developer accidentally deletes the key material of the CMK and is unable to decrypt the data.
How can the developer decrypt the data that was encrypted by the CMK?

  • A. Request support from AWS to recover the deleted key material.
  • B. Create a new CMK. Use the new CMK to decrypt the data.
  • C. Use the CMK without the key material.
  • D. Reimport the same key material to the CMK.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by m_t_kd at Sept. 2, 2022, 3:04 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Jabol
Highly Voted 2 years, 8 months ago
Selected Answer: D
"To use the KMS key again, you must reimport the same key material into the KMS key. In contrast, deleting a KMS key is irreversible. If you schedule key deletion and the required waiting period expires, AWS KMS deletes the key material and all metadata associated with the KMS key." - https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-delete-key-material.html
upvoted 11 times
shahs10
2 years, 1 month ago
How will the same key reimported once it is deleted?
upvoted 2 times
ancomedian
1 year, 9 months ago
It is deleted from the AWS account, but it should be in the local machine. Else, this thing is irreversible
upvoted 2 times
...
...
...
m_t_kd
Highly Voted 2 years, 9 months ago
Selected Answer: D
Correct Answer is D
upvoted 7 times
...
laksmikanth836
Most Recent 1 year, 10 months ago
Selected Answer: D
The Answer is D We can reimport the material key. https://docs.aws.amazon.com/kms/latest/APIReference/API_ImportKeyMaterial.html
upvoted 1 times
...
rcaliandro
1 year, 11 months ago
Selected Answer: D
It is possible to reimport the same key material in order to generate the same CMK. D is the correct answer
upvoted 1 times
...
Rpod
2 years, 1 month ago
Selected Answer: D
Th question is wrong - had to select D to post a comment - This is from a simple google search :- Deleting a customer master key (CMK) in AWS Key Management Service (AWS KMS) is destructive and potentially dangerous. It deletes the key material and all metadata associated with the CMK and is irreversible. After a CMK is deleted, you can no longer decrypt the data that was encrypted under that CMK, which means that data becomes unrecoverable.
upvoted 1 times
...
shahs10
2 years, 1 month ago
Selected Answer: D
Reimport same key material https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html#reimport-key-material
upvoted 1 times
...
sichilam
2 years, 4 months ago
D it is
upvoted 1 times
...
michaldavid
2 years, 6 months ago
Selected Answer: D
DDDDDDDDD
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel