A SysOps Administrator using AWS KMS needs to rotate all customer master keys (CMKs) every week to meet Information Security guidelines. Which option would meet the requirement?

Topic #: - All AWS-SysOps Questions

A. Create a new CMK every 7 days to manually rotate the encryption keys.
B. Enable key rotation on the CMKs and set the rotation period to 7 days.
C. Switch to using AWS CloudHSM as AWS KMS does not support key rotation.
D. Use data keys for each encryption task to avoid the need to rotate keys.

- Awsexamhub website is not related to, affiliated with, endorsed or authorized by Amazon.
- Trademarks, certification & product names are used for reference only and belong to Amazon.

A SysOps Administrator using AWS KMS needs to rotate all customer master keys (CMKs) every week to meet Information Security guidelines. Which option would meet the requirement?

Suggested Answer:

Reference Material:

A SysOps Administrator using AWS KMS needs to rotate all customer master keys (CMKs) every week to meet Information Security guidelines. Which option would meet the requirement?

Suggested Answer:

Reference Material:

Share this post

Join the Discussion