How can these requirements be met?

DAS-C01 V3 0 Comments

A company uses the Amazon Kinesis SDK to write data to Kinesis Data Streams. Compliance requirements state that the data must be encrypted at rest using a key that can be rotated. The company wants to meet this encryption requirement with minimal coding effort.

How can these requirements be met?
A . Create a customer master key (CMK) in AWS KMS. Assign the CMK an alias. Use the AWS Encryption SDK, providing it with the key alias to encrypt and decrypt the data.
B . Create a customer master key (CMK) in AWS KMS. Assign the CMK an alias. Enable server-side encryption on the Kinesis data stream using the CMK alias as the KMS master key.
C . Create a customer master key (CMK) in AWS KMS. Create an AWS Lambda function to encrypt and
decrypt the data. Set the KMS key ID in the function’s environment variables.
D . Enable server-side encryption on the Kinesis data stream using the default KMS key for Kinesis Data
Streams.

Answer: B

Explanation:

Reference: https://aws.amazon.com/kinesis/data-streams/faqs/

Latest DAS-C01 Dumps Valid Version with 77 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download DAS-C01 PDF     DAS-C01 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments