Practice Test 4 | AWS Certified Solutions Architect Associate | SAA-C03 | Dumps | Mock Test
You need to ensure that data stored in S3 is encrypted but do not want to manage the encryption keys. Which of the following encryption mechanisms can be used in this case?
A. SSE-S3
B. SSE-C
C. SSE-KMS
D. SSE-SSL
Explanation:
Answer – A
AWS Documentation mentions the
following on Encryption keys:
- SSE-S3
requires that Amazon S3 manages the data and master encryption keys. - SSE-C
requires that you manage the encryption keys. - SSE-KMS
requires that AWS manages the data key but you manage the master key in AWS KMS.
For more information on using the Key
Management service for S3, please visit the below URL:
https://docs.aws.amazon.com/kms/latest/developerguide/services-s3.html
Comments are closed, but trackbacks and pingbacks are open.