Ultimate access to all questions.
Answer-first summary for fast verification
Answer: Utilize a multi-Region customer managed KMS key, create S3 buckets, and implement client-side encryption with replication.
The correct answer is B. AWS KMS multi-Region customer managed keys allow encryption and decryption across multiple AWS Regions using the same key. This reduces operational overhead compared to configuring individual keys in each Region. Option B ensures seamless replication and encryption/decryption processes while maintaining a single customer managed multi-Region KMS key, which aligns with the requirement for minimal operational overhead.
Author: LeetQuiz Editorial Team
No comments yet.
In an AWS Cloud application, data is stored across S3 buckets in two different Regions. The requirement is to encrypt data using a single AWS KMS customer managed key, ensuring the key is accessible in both Regions with minimal operational overhead. What is the most efficient solution?
A
Establish S3 buckets in each Region with SSE-S3 and enable replication.
B
Utilize a multi-Region customer managed KMS key, create S3 buckets, and implement client-side encryption with replication.
C
Create a customer managed KMS key and S3 buckets with SSE-S3, and set up replication.
D
Deploy a customer managed KMS key and S3 buckets, applying SSE-KMS for encryption, and configure replication.