Your company is planning on AWS on hosting its AWS resources. There is a company policy which mandates that all security keys are completely managed within the company itself.
Which of the following is the correct measure of following this policy?
A . Using the AWS KMS service for creation of the keys and the company managing the key lifecycle thereafter.
B . Generating the key pairs for the EC2 Instances using puttygen
C . Use the EC2 Key pairs that come with AWS
D . Use S3 server-side encryption
Answer: B
Explanation:
y ensuring that you generate the key pairs for EC2 Instances, you will have complete control of the access keys.
Options A,C and D are invalid because all of these processes means that AWS has ownership of the keys. And the question specifically mentions that you need ownership of the keys
For information on security for Compute Resources, please visit the below URL: https://d1.awsstatic.com/whitepapers/Security/Security Compute Services Whitepaper.pdfl The correct answer is: Generating the key pairs for the EC2 Instances using puttygen Submit your Feedback/Queries to our Experts
Leave a Reply