Which of the following requires the LEAST amount of configuration when implementing this approach?

SCS-C01 0 Comments

A company has decided to migrate sensitive documents from on-premises data centers to Amazon S3. Currently, the hard drives are encrypted to meet a compliance requirement regarding data encryption. The CISO wants to improve security by encrypting each file using a different key instead of a single key. Using a different key would limit the security impact of a single exposed key.

Which of the following requires the LEAST amount of configuration when implementing this approach?
A . Place each file into a different S3 bucket. Set the default encryption of each bucket to use a different AWS KMS customer managed key.
B . Put all the files in the same S3 bucket. Using S3 events as a trigger, write an AWS Lambda function to encrypt each file as it is added using different AWS KMS data keys.
C . Use the S3 encryption client to encrypt each file individually using S3-generated data keys
D . Place all the files in the same S3 bucket. Use server-side encryption with AWS KMS-managed keys (SSE-KMS) to encrypt the data

Answer: A

Latest SCS-C01 Dumps Valid Version with 470 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download SCS-C01 PDF     SCS-C01 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments