Q9 — AWS SAA-C03 Ch.4

Question 9 of 105 | ← Chapter 4

Q204. A company is planning to move its data to an Amazon S3 bucket. The data must be encrypted when it is stored in the S3 bucket. Additionally, the encryption key must be automatically rotated every year. Which solution will meet these requirements with the LEAST operational overhead?

Correct Answer: B. Create an AWS Key Management Service (AWS KMS) customer managed key Enable automatic key rotation. Set the S3 bucket's default encryption behavior to use the customer managed KMS key Move the data to the S3 bucket.