Which of the following actions should the Engineer perform to get further guidance?

By: study aws cloud

On: January 8, 2025

Tagged: Security Specialty

With: 0 Comments

A Security Engineer is trying to determine whether the encryption keys used in an AWS service are in compliance with certain regulatory standards.

Which of the following actions should the Engineer perform to get further guidance?

Read the AWS Customer Agreement.

Use AWS Artifact to access AWS compliance reports.

Post the question on the AWS Discussion Forums.

Run AWS Config and evaluate the configuration outputs.

Explanations:

The AWS Customer Agreement outlines the terms of service between AWS and its customers, but it does not provide detailed guidance on compliance with regulatory standards related to encryption keys.

AWS Artifact is a service that provides access to AWS’s compliance reports, including those related to encryption standards and other regulatory requirements, making it the correct tool for determining whether encryption keys are compliant.

Posting the question on the AWS Discussion Forums may yield helpful community input, but it is not a reliable or official source for guidance on compliance with regulatory standards.

AWS Config is a service that helps with monitoring configurations, but it does not directly provide regulatory compliance reports or guidance on encryption key standards. It is useful for auditing resources, not for compliance verification.

Previous Post: What should the solutions architect recommend to solve these issues?

Next Post: The ________ service is targeted at organizations with multiple users or systems that use AWS products such as Amazon EC2, Amazon SimpleDB, and the AWSManagement Console?

Leave a Reply Cancel reply