A SysOps Administrator using AWS KMS needs to rotate all customer master keys (CMKs) every week to meet Information Security guidelines.
Which option would meet the requirement?
A. Create a new CMK every 7 days to manually rotate the encryption keys.
B. Enable key rotation on the CMKs and set the rotation period to 7 days.
C. Switch to using AWS CloudHSM as AWS KMS does not support key rotation.
D. Use data keys for each encryption task to avoid the need to rotate keys.
Which option would meet the requirement?
A. Create a new CMK every 7 days to manually rotate the encryption keys.
B. Enable key rotation on the CMKs and set the rotation period to 7 days.
C. Switch to using AWS CloudHSM as AWS KMS does not support key rotation.
D. Use data keys for each encryption task to avoid the need to rotate keys.