A company is utilizing AWS Key Management Service (AWS KMS) for data-at-rest encryption and requires client-side encryption for its projects. Due to increased testing of AWS KMS usage across multiple projects, there has been a significant surge in AWS resource consumption, with applications issuing frequent encryption requests to KMS endpoints. The company seeks a solution that ensures unthrottled AWS KMS usage, enhances key management for client-side encryption, and is cost-effective. Which solution meets these criteria?

Exam-Like

Use keyrings with the AWS Encryption SDK. Use each keyring individually or combine keyrings into a multi-keyring. Decrypt the data by using a keyring that has the primary key in the multi-keyring.

0.0%

Use data key caching. Use the local cache that the AWS Encryption SDK provides with a caching cryptographic materials manager.

100.0%

Use KMS key rotation. Use a local cache in the AWS Encryption SDK with a caching cryptographic materials manager.

0.0%

Use keyrings with the AWS Encryption SDK. Use each keyring individually or combine keyrings into a multi-keyring. Use any of the wrapping keys in the multi-keyring to decrypt the data.

0.0%

AWS Certified Security - Specialty

Get started today

Comments