How does Envelope Encryption work in AWS KMS?
A. The Customer Master Key is used to encrypt/decrypt a data key. The Plaintext Data Key is used to encrypt customer data.
B. Two encryption keys are used. The Customer Master Key encrypts customer data. The Data Key is used to re-encrypt the encrypted data.
C. Two encryption keys are used. The Data Key encrypts customer data. The Сustomer Master Key is used to re-encrypt the encrypted data.
D. The Customer Master Key is used to encrypt/decrypt a data key. The Encrypted Data Key is used to encrypt customer data.
A. The Customer Master Key is used to encrypt/decrypt a data key. The Plaintext Data Key is used to encrypt customer data.
B. Two encryption keys are used. The Customer Master Key encrypts customer data. The Data Key is used to re-encrypt the encrypted data.
C. Two encryption keys are used. The Data Key encrypts customer data. The Сustomer Master Key is used to re-encrypt the encrypted data.
D. The Customer Master Key is used to encrypt/decrypt a data key. The Encrypted Data Key is used to encrypt customer data.