Which solution meets these criteria?

A security engineer must use AWS Key Management Service (AWS KMS) to design a key management solution for a set of Amazon Elastic Block Store (AmazonEBS) volumes that contain sensitive data.The solution needs to ensure that the key material automatically expires in 90 days.

A customer managed CMK that uses customer provided key material

A customer managed CMK that uses AWS provided key material

An AWS managed CMK

Operation system-native encryption that uses GnuPG

Previous Post: What should the solutions architect recommend to meet these requirements?

Next Post: How can an EBS volume that is currently attached to an EC2 instance be migrated from one Availability Zone to another?

1 Comment

Author

I deduce that the answer is:
A customer managed CMK that uses customer provided key material

Jonathan

3 months ago

Permalink

Reply

Free study guides, practices test, sample questions

Which solution meets these criteria?

1 Comment

Leave a Reply Cancel reply