AWS Certified Cloud Practitioner
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
Which AWS service can be used to encrypt data at rest?
Real Exam
Community
RRitesh
A
Amazon GuardDuty
B
AWS Shield
C
AWS Security Hub
D
AWS Key Management Service (AWS KMS)
Explanation:
Explanation
AWS Key Management Service (AWS KMS) is the correct service for encrypting data at rest. Here's why:
-
AWS KMS is a managed service that makes it easy to create and control the encryption keys used to encrypt your data. It integrates with many AWS services to encrypt data at rest, including Amazon S3, Amazon EBS, Amazon RDS, and more.
-
Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts and workloads.
-
AWS Shield is a managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS.
-
AWS Security Hub is a cloud security posture management service that performs security best practice checks, aggregates alerts, and enables automated remediation.
AWS KMS provides centralized control over encryption keys and supports both symmetric and asymmetric encryption, making it the primary service for data encryption at rest across AWS services.
Comments
Loading comments...