List of questions
Related questions
Question 345 - SCS-C01 discussion
Your company use AWS KMS for management of its customer keys. From time to time, there is a requirement to delete existing keys as part of housekeeping activities. What can be done during the deletion process to verify that the key is no longer being used.
Please select:
A.
Use CloudTrail to see if any KMS API request has been issued against existing keys
B.
Use Key policies to see the access level for the keys
C.
Rotate the keys once before deletion to see if other services are using the keys
D.
Change the IAM policy for the keys to see if other services are using the keys
Your answer:
0 comments
Sorted by
Leave a comment first