A company plans to migrate a sensitive dataset to Amazon S3. A Security Engineer must ensure that the data is encrypted at rest. The encryption solution must enable the company to generate its own keys without needing to manage key storage or the encryption process. What should the Security Engineer use to accomplish this?
A) Server-side encryption with Amazon S3-managed keys (SSE-S3)
B) Server-side encryption with AWS KMS-managed keys (SSE-KMS)
C) Server-side encryption with customer-provided keys (SSE-C)
D) Client-side encryption with an AWS KMS-managed CMK
Correct Answer:
Verified
Q142: A company has several production AWS accounts
Q143: An organization has three applications running on
Q144: While analyzing a company's security solution, a
Q145: A company has two AWS accounts, each
Q146: A Security Engineer is working with the
Q148: A Web Administrator for the website example.com
Q149: A Website currently runs on Amazon EC2,
Q150: While securing the connection between a company's
Q151: A Developer is creating an AWS Lambda
Q152: A Developer signed in to a new
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents