Configuration Panel PBQs: AWS Certified Security - Specialty (SCS-C03)

easy

Question 1 of 3

Your security team has created a new KMS customer managed key named 'prod-data-encryption-key' for encrypting sensitive data in your production account. The key was created with default settings and needs to be hardened before being used. You must enable automatic key rotation, configure the key description, and ensure the key policy restricts usage appropriately. Configure the KMS key settings according to the objectives.

KMS > Customer managed keys > prod-data-encryption-key

prod-data-encryption-key

AWS KMS > Customer managed keys > prod-data-encryption-key

Key Details

▾

Key ID

mrk-a1b2c3d4e5f6g7h8i9j0

Key ARN

arn:aws:kms:us-east-1:123456789012:key/mrk-a1b2c3d4e5f6g7h8i9j0

Description

Key spec

SYMMETRIC_DEFAULT

Key usage

Key Rotation

▾

Automatic key rotationDisabled

Automatically rotates the key material every rotation period

Progress

0 of 4 settings correct

Adjust the configuration settings to meet the requirements

0 of 3 marked complete