Home › AWS SysOps Associate › cloudcomputing › sysopssecuritynetwork › Which AWS service allows centrally rotating keys…
Which AWS service allows centrally rotating keys, audit-logging key usage, and enforcing key access policies for encryption across S3, RDS, EBS, and Lambda?
AAmazon Macie
BAWS Trusted Advisor
CAWS Secrets Manager
DAWS Key Management Service (KMS)
Answer & Solution
Correct answer: D. AWS Key Management Service (KMS)
KMS centralises HSM-backed keys, rotates them, logs use via CloudTrail, and integrates with most encrypting AWS services. Secrets Manager stores credentials (which can be KMS-encrypted), Macie classifies sensitive data, Trusted Advisor advises.
Related questions
Which managed AWS service centralises and accelerates cross-Region private traffic betweenWhich Route 53 feature distributes requests to multiple endpoints proportionally based on An application backed by an ALB receives an unusually high number of 4xx errors from a fewAn EC2 instance in a private subnet needs outbound HTTPS to api.example.com but no inboundWhich AWS service tests an IAM policy against a hypothetical request and explains which stWhich managed service lets you privately connect a VPC to an AWS service (e.g. S3, DynamoDWhich networking object inside a VPC is STATELESS (return traffic doesn't auto-allow) and Which AWS feature provides DDoS protection at L3/L4 for all AWS customers by default, with