A company uses the Amazon Kinesis SDK to write data to Kinesis Data Streams. Compliance requirements state that the data must be encrypted at rest using a key that can be rotated. The company wants to meet this encryption requirement with minimal coding effort. How can these requirements be met?
A) Create a customer master key (CMK) in AWS KMS. Assign the CMK an alias. Use the AWS Encryption SDK, providing it with the key alias to encrypt and decrypt the data.
B) Create a customer master key (CMK) in AWS KMS. Assign the CMK an alias. Enable server-side encryption on the Kinesis data stream using the CMK alias as the KMS master key.
C) Create a customer master key (CMK) in AWS KMS. Create an AWS Lambda function to encrypt and decrypt the data. Set the KMS key ID in the function's environment variables.
D) Enable server-side encryption on the Kinesis data stream using the default KMS key for Kinesis Data Streams.
Correct Answer:
Verified
Q48: An online retailer needs to deploy a
Q49: A smart home automation company must efficiently
Q50: An online retail company with millions of
Q51: A company uses Amazon Redshift as its
Q52: A financial company uses Apache Hive on
Q54: A technology company is creating a dashboard
Q55: A company has collected more than 100
Q56: A company has an application that ingests
Q57: A company's data analyst needs to ensure
Q58: A large university has adopted a strategic
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents