Home
Exams
Microsoft
AI-102 (Designing and Implementing)
AI-900 (AI Fundamentals)
AZ-104 (Administrator)
AZ-140 (Configuring and Operating)
AZ-204 (Developing Solutions)
AZ-305 (Designing Infrastructure Solutions)
AZ-400 (DevOps Solutions)
AZ-500 (Security Technologies)
AZ-700 (Designing and Implementing)
All Microsoft Exams
Amazon
CLF-C01 (Cloud Practitioner)
DBS-C01 (Database - Specialty)
DVA-C01 (Developer Associate)
SCS-C01 (Security - Specialty)
SAA-C02 (Solutions Architect Associate)
SAA-C03 (Solutions Architect Associate)
SAP-C01 (Solutions Architect Professional)
SOA-C02 (Certified SysOps Administrator Associate)
DOP-C01 (DevOps Engineer Professional)
All Amazon Exams
Cisco
200-201 (CBROPS)
200-301 (CCNA)
200-901 (DEVASC)
300-410 (ENARSI)
300-415 (ENSDWI)
300-420 (ENSLD)
300-425 (ENWLSD)
300-430 (ENWLSI)
300-715 (SISE)
350-401 (ENCOR)
350-501 (SPCOR)
350-601 (DCCOR)
350-701 (SCOR)
350-801 (CLCOR)
400-007 (CCDE)
All Cisco Exams
CompTIA
220-1101 (A+ Core 1)
220-1102 (A+ Core 2)
CAS-004 (Advanced Security Practitioner)
CS0-002 (CySA+)
CV0-003 (Cloud+)
FC0-U61 (IT Fundamentals)
N10-008 (Network+)
PK0-004 (Project+)
PT0-002 (PenTest+)
SK0-005 (Server+)
SY0-601 (Security+)
XK0-004 (Linux+)
All CompTIA Exams
Google
Associate Cloud Engineer
Cloud Digital Leader
Professional Cloud Architect
Professional Cloud Security Engineer
Professional Data Engineer
All Google Exams
Huawei
H11-851 (HCNA-VC)
H12-211 (HCIA Routing&Switching)
H12-221 (HCNP-RS-IERN)
H12-224 (HCNP-RS Fast Track)
H12-711 (HCNA-Security-CBSN)
H13-612 (HCNA-Storage-BSSN)
H13-629 (HCIE-Storage)
All Huawei Exams
Python
Python Programming (PCAP)
All Python Exams
Juniper
JN0-104 (JNCIA-Junos)
JN0-251 (JNCIA-MistAI)
All Juniper Exams
Fortinet
NSE4_FGT-7.0 (FortiOS 7.0)
NSE4_FGT-7.2 (FortiOS 7.2)
NSE5_FAZ-7.0 (FortiAnalyzer 7.0)
NSE5_FCT-7.0 (FortiClient EMS 7.0)
NSE5_FMG-7.0 (FortiManager 7.0)
NSE7_EFW-7.0 (Enterprise Firewall 7.0)
NSE7_SDW-7.0 (SD-WAN 7.0 )
NSE8_812 (Written Exam)
All Fortinet Exams
Labs
New
CCNA 200-301
Introduction
IOS Operating System
IPv4 Address Configure Serial and Loopback Interfaces
IPv6 Address Configuration, Verification, and Troubleshooting
IPv6 Address Autoconfiguration and EUI-64
Understanding ARP and Proxy ARP
Configuring Standard VLANs
Configuring VTP Clients and Servers
Configuring VTP Transparent Mode
Securing VTP Domains
Switch Access Port Security
Advanced Switch Access Port Security
Advanced Static Switch Access Port Security
Disabling Auto-negotiation of Trunking
Configuring Dynamic Trunking
Configuring Default Gateways
Cisco Discovery Protocol (CDP)
Configuring LLDP on Cisco Devices
Configuring Errdisable Recovery
Configuring Inter-VLAN Routing with Router on a Stick (RoaS)
Inter-VLAN Routing Using Switched Virtual Interfaces (SVI)
Configuring Static Routing via Ethernet Interfaces
Configuring Static Routing via IP addresses
Configuring and Naming Static Routes
Configuring Default Static Routes
Configuring IPv6 Static Routes
Configuring IPv6 Default Routes
Configuring IP Floating Static Routes
Configuring RIP Version 2
RIPv2 Network Summarization Configuration
Toolbox
New
IPv4 Subnet Calculator
IPv4 Wildcard Mask Calculator
HTML Encoder and Decoder
URL Encoder and Decoder
Random Password Generator
Net Sec Tools
New
Cisco Packet Tracer
GNS3
EVE-NG
Wireshark
Postman
Nmap
Curl
Nessus
Burp Suite
Sign Up
Login
Dark Mode
Which of the following is the most efficient way to automate the encryption of AWS CloudTrail logs using a Customer Master Key (CMK) in AWS KMS?
Amazon SCS-C01 Exam
Questions Number:
69
out of
160
Questions
43.12%
Question 69
Which of the following is the most efficient way to automate the encryption of AWS CloudTrail logs using a Customer Master Key (CMK) in AWS KMS?
A. Use the KMS direct encrypt function on the log data every time a CloudTrail log is generated.
B. Use the default Amazon S3 server-side encryption with S3-managed keys to encrypt and decrypt the CloudTrail logs.
C. Configure CloudTrail to use server-side encryption using KMS-managed keys to encrypt and decrypt CloudTrail logs.
D. Use encrypted API endpoints so that all AWS API calls generate encrypted CloudTrail log entries using the TLS certificate from the encrypted API call.
Show Answer
Log In to Comment
Submit
Previous Questions
Next Questions
Question number:
1
-
160
Direct Access
