AWS Certified SysOps Administrator SOA-C01 – Question480 - AWS Certified SysOps Administrator SOA-C01

The AWS Key Management Service (AWS KMS) is a managed service that makes it easy for you to create and control the encryption keys used to encrypt your data. AWS KMS is integrated with oth-er AWS services including Amazon EBS, Amazon S3, Amazon Redshift, Elastic Transcoder, Ama-zon WorkMail, and Amazon RDS to make it simple to encrypt your data with encryption keys that you manage. AWS KMS is also integrated with AWS CloudTrail to provide you with key usage logs to help meet your regulatory and compliance needs. Which of the following types of cryptog-raphy keys is supported by AWS KMS currently?

A. Private ephemeral key agreement cryptography
B. Symmetric and asymmetric random number generation key cryptography
C. Asymmetric key cryptography and symmetric key cryptography
D. Only symmetric key cryptography

Correct Answer: D

Explanation:

Explanation: The AWS Key Management Service (AWS KMS) is a managed service that makes it easy for you to create and control the encryption keys used to encrypt your data. AWS KMS is integrated with oth-er AWS services including Amazon EBS, Amazon S3, Amazon Redshift, Elastic Transcoder, Ama-zon WorkMail, and Amazon RDS to make it simple to encrypt your data with encryption keys that you manage. AWS KMS is also integrated with AWS CloudTrail to provide you with key usage logs to help meet your regulatory and compliance needs. AWS KMS currently supports only sym-metric (private) key cryptography. Reference: http://docs.aws.amazon.com/kms/latest/developerguide/crypto-intro.html