Home
Valid Dumps
Microsoft
AI-102 (Designing and Implementing)
AI-900 (AI Fundamentals)
AZ-104 (Administrator)
AZ-140 (Configuring and Operating)
AZ-204 (Developing Solutions)
AZ-305 (Designing Infrastructure Solutions)
AZ-400 (DevOps Solutions)
AZ-500 (Security Technologies)
AZ-700 (Designing and Implementing)
All Microsoft Exams
Amazon
CLF-C01 (Cloud Practitioner)
DBS-C01 (Database - Specialty)
DVA-C01 (Developer Associate)
SCS-C01 (Security - Specialty)
SAA-C02 (Solutions Architect Associate)
SAA-C03 (Solutions Architect Associate)
SAP-C01 (Solutions Architect Professional)
SOA-C02 (Certified SysOps Administrator Associate)
DOP-C01 (DevOps Engineer Professional)
All Amazon Exams
Cisco
200-201 (CBROPS)
200-301 (CCNA)
200-901 (DEVASC)
300-410 (ENARSI)
300-415 (ENSDWI)
300-420 (ENSLD)
300-425 (ENWLSD)
300-430 (ENWLSI)
300-715 (SISE)
350-401 (ENCOR)
350-501 (SPCOR)
350-601 (DCCOR)
350-701 (SCOR)
350-801 (CLCOR)
400-007 (CCDE)
All Cisco Exams
CompTIA
220-1101 (A+ Core 1)
220-1102 (A+ Core 2)
CAS-004 (Advanced Security Practitioner)
CS0-002 (CySA+)
CV0-003 (Cloud+)
FC0-U61 (IT Fundamentals)
N10-008 (Network+)
PK0-004 (Project+)
PT0-002 (PenTest+)
SK0-005 (Server+)
SY0-601 (Security+)
XK0-004 (Linux+)
All CompTIA Exams
Google
Associate Cloud Engineer
Cloud Digital Leader
Professional Cloud Architect
Professional Cloud Security Engineer
Professional Data Engineer
All Google Exams
Huawei
H11-851 (HCNA-VC)
H12-211 (HCIA Routing&Switching)
H12-221 (HCNP-RS-IERN)
H12-224 (HCNP-RS Fast Track)
H12-711 (HCNA-Security-CBSN)
H13-612 (HCNA-Storage-BSSN)
H13-629 (HCIE-Storage)
All Huawei Exams
Python
Python Programming (PCAP)
All Python Exams
Juniper
JN0-104 (JNCIA-Junos)
JN0-251 (JNCIA-MistAI)
All Juniper Exams
Fortinet
NSE4_FGT-7.0 (FortiOS 7.0)
NSE4_FGT-7.2 (FortiOS 7.2)
NSE5_FAZ-7.0 (FortiAnalyzer 7.0)
NSE5_FCT-7.0 (FortiClient EMS 7.0)
NSE5_FMG-7.0 (FortiManager 7.0)
NSE7_EFW-7.0 (Enterprise Firewall 7.0)
NSE7_SDW-7.0 (SD-WAN 7.0 )
NSE8_812 (Written Exam)
All Fortinet Exams
Sign Up
Login
Which of the following is the most efficient way to automate the encryption of AWS CloudTrail logs using a Customer Master Key (CMK) in AWS KMS?
Amazon SCS-C01 Exam
Questions Number:
69
out of
160
Questions
43.12%
Question 69
Which of the following is the most efficient way to automate the encryption of AWS CloudTrail logs using a Customer Master Key (CMK) in AWS KMS?
A. Use the KMS direct encrypt function on the log data every time a CloudTrail log is generated.
B. Use the default Amazon S3 server-side encryption with S3-managed keys to encrypt and decrypt the CloudTrail logs.
C. Configure CloudTrail to use server-side encryption using KMS-managed keys to encrypt and decrypt CloudTrail logs.
D. Use encrypted API endpoints so that all AWS API calls generate encrypted CloudTrail log entries using the TLS certificate from the encrypted API call.
Show Answer
Log In to Comment
Submit
Previous Questions
Next Questions
Question number:
1
-
160
Direct Access
