SCS-C03
Data Protection
hard
Question 9 of 36

A company needs to encrypt data in one AWS Region and decrypt it in another Region without re-encrypting the data or making a cross-Region call to AWS KMS. Which KMS feature should the company use?

AAWS managed keys
BImported key material in a single Region
CMulti-Region keys
DAutomatic key rotation

More Data Protection Questions

36 questions

Full AWS Certified Security - Specialty Practice Test

All topics covered

All AWS Certified Security - Specialty Questions

Browse by topic

Related Questions

A team stores database credentials in AWS Secrets Manager and wants to avoid extra KMS key charges u...

easy

A company wants write-once-read-many protection for objects in Amazon S3 so the objects cannot be de...

easy

A compliance officer needs a retention mode in S3 Object Lock that prevents any user, including the ...

medium

A security architect wants full control over KMS key lifecycle and usage permissions for an encrypti...

medium

A company needs single-tenant hardware security modules with full control over algorithms and keys, ...

medium
View all Data Protection questions

Educational Content — CertQnA practice questions are written against official exam objectives, covering the same domains tested on the real exam. All content is original and independent — not actual exam questions, not affiliated with any certification vendor. Learn more about our content policy

Discussion

Be the first to share your understanding of this concept

⚠️ Discussion is for concept clarification only. Do not share or request actual exam questions or answers.

Sign in to join the discussion

Sign InCreate free account