AWS Certified Advanced Networking - Specialty
Get started today
Ultimate access to all questions.
Comments
Loading comments...
Ultimate access to all questions.
A network engineer is utilizing AWS Direct Connect connections with MACsec to encrypt data between a corporate data center and the Direct Connect location. Upon discovering that the MACsec secret key may have been compromised, the engineer must update the connection with a new, secure key.
What solution will fulfill this requirement?
A
Create a new MACsec secret key that uses an AWS Key Management Service (AWS KMS) AWS managed key. Associate the new pre-shared key, Connection Key Name (CKN), and Connectivity Association Key (CAK) with the connection.
B
Create a new MACsec secret key that uses an AWS Key Management Service (AWS KMS) customer managed key. Associate the new pre-shared key, Connection Key Name (CKN), and Connectivity Association Key (CAK) with the connection.
C
Modify the existing MACsec secret key. Re-associate the existing pre-shared key, Connection Key Name (CKN), and Connectivity Association Key (CAK) with the connection.
D
Modify the existing MACsec secret key. Associate the new pre-shared key, Connection Key Name (CKN), and Connectivity Association Key (CAK) with the connection.