Which service should be used to meet these requirements?

By:
On:
In: SOA-C01
Tagged:
With: 0 Comments
A company issued SSL certificates to its users, and needs to ensure the private keys that are used to sign the certificates are encrypted.The company needs to be able to store the private keys and perform cryptographic signing operations in a secure environment.

Which service should be used to meet these requirements?

AWS CloudHSM

AWS KMS

AWS Certificate Manager

Amazon Connect

Explanations:

AWS CloudHSM provides hardware security modules (HSMs) for managing cryptographic keys in a secure and compliant manner, enabling encryption and cryptographic signing operations in a controlled environment.

AWS KMS (Key Management Service) is used for key management and encryption operations but does not provide hardware security modules specifically designed for high-security cryptographic signing.

AWS Certificate Manager (ACM) is used to manage SSL/TLS certificates but does not offer a secure environment for performing cryptographic signing of keys, as it is focused on certificate lifecycle management.

Amazon Connect is a cloud-based contact center service and does not offer any features related to cryptographic key management or secure signing operations.

Leave a Reply

Your email address will not be published. Required fields are marked *

two × 3 =