{"id":115,"date":"2021-01-04T08:09:58","date_gmt":"2021-01-04T08:09:58","guid":{"rendered":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/aws-certified-security-specialty-scs-c01-question108\/"},"modified":"2021-01-04T08:09:58","modified_gmt":"2021-01-04T08:09:58","slug":"aws-certified-security-specialty-scs-c01-question108","status":"publish","type":"post","link":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/aws-certified-security-specialty-scs-c01-question108\/","title":{"rendered":"AWS Certified Security &#8211; Specialty SCS-C01 &#8211; Question108"},"content":{"rendered":"<div class=\"question\">A Security Engineer is looking for a way to control access to data that is being encrypted under a CMK. The Engineer is also looking to use additional authenticated data (AAD) to prevent tampering with ciphertext. Which action would provide the required functionality? <br \/><strong><br \/>A.<\/strong> Pass the key alias to AWS KMS when calling Encrypt and DecryptAPI actions. <br \/><strong>B.<\/strong> Use IAM policies to restrict access to Encrypt and DecryptAPI actions. <br \/><strong>C.<\/strong> Use kms:EncryptionContextas a condition when defining IAM policies for the CMK. <br \/><strong>D.<\/strong> Use key policies to restrict access to the appropriate IAM groups.<\/div>\n<p><\/p>\n<style> .hidden-div{ display:none } <\/style>\n<p>\t\t\t\t\t\t\t<button onclick=\"getElementById('hidden-div').style.display = 'block'\"> Show Answer <\/button> <button onclick=\"getElementById('hidden-div').style.display = 'none'\">Hide Answer<\/button><\/p>\n<div class=\"hidden-div\" id=\"hidden-div\"><span style=\"\"><\/p>\n<div class=\"answer\">Correct Answer: <strong>D<\/strong><\/div>\n<p><strong>Explanation:<\/strong> <\/p>\n<div class=\"explanation\">\nReference: <a href=\"https:\/\/docs.aws.amazon.com\/crypto\/latest\/userguide\/crypto-ug.pdf\" title=\"External link\" rel=\"nofollow noopener\" target=\"_blank\">https:\/\/docs.aws.amazon.com\/crypto\/latest\/userguide\/crypto-ug.pdf<\/a><\/div>\n<p><\/strong><\/span> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>A Security Engineer is looking for a way to control access to data that is being encrypted under a CMK. The Engineer is also looking to use additional authenticated data (AAD) to prevent tampering with ciphertext. Which action would provide the required functionality? A. Pass the key alias to AWS KMS when calling Encrypt and [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3,111],"class_list":["post-115","post","type-post","status-publish","format-standard","hentry","category-aws-certified-security-specialty-scs-c01","tag-aws-certified-security-specialty-scs-c01","tag-question-108"],"_links":{"self":[{"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/posts\/115","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/comments?post=115"}],"version-history":[{"count":0,"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/posts\/115\/revisions"}],"wp:attachment":[{"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/media?parent=115"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/categories?post=115"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/tags?post=115"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}