An application under development is required to store hundreds of video files. The data must be encrypted within the application prior to storage, with a unique key for each video file.
How should the Developer code the application?
A.
Use the KMS Encrypt API to encrypt the data. Store the encrypted data key and data.
B.
Use a cryptography library to generate an encryption key for the application. Use the encryption key to encrypt the data. Store the encrypted data.
C.
Use the KMS GenerateDataKey API to get a data key. Encrypt the data with the data key. Store the encrypted data key and data.
D.
Upload the data to an S3 bucket using server side-encryption with an AWS KMS key.
To encrypt data outside of AWS KMS:
1) Use the GenerateDataKey operation to get a data key.
2) Use the plaintext data key (in the Plaintext field of the response) to encrypt your data outside of AWS KMS. Then erase the plaintext data key from memory.
3) Store the encrypted data key (in the CiphertextBlob field of the response) with the encrypted data.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
preachr
7 months, 1 week agoa15ce96
1 year, 1 month agomichaldavid
2 years, 5 months agok1kavi1
2 years, 5 months agokapil206001
2 years, 5 months ago