What should the Security Engineer do to accomplish this?

SCS-C02 V2 0 Comments

A company has multiple Amazon S3 buckets encrypted with customer-managed CMKs Due to regulatory requirements the keys must be rotated every year. The company’s Security Engineer has enabled automatic key rotation for the CMKs; however the company wants to verity that the rotation has occurred.

What should the Security Engineer do to accomplish this?
A . Filter IAM CloudTrail logs for KeyRotaton events
B . Monitor Amazon CloudWatcn Events for any IAM KMS CMK rotation events
C . Using the IAM CLI. run the IAM kms gel-key-relation-status operation with the –key-id parameter to check the CMK rotation date
D . Use Amazon Athena to query IAM CloudTrail logs saved in an S3 bucket to filter Generate New Key events

Answer: A

Latest SCS-C02 Dumps Valid Version with 235 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download SCS-C02 PDF     SCS-C02 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments