A company has decided to use AWS Key Management Service (AWS KMS) for all of its encryption keys. The company plans to create all of its keys as customer managed CMKs and will not import any encryption keys. The company must rotate its encryption keys once every 12 months. Which solution will meet these requirements? A. Change the customer managed CMK key policy to enable automatic key rotation. B. Use AWS managed CMKs instead of customer managed CMKs so that AWS will rotate the keys automatically. C. Invoke an AWS Lambda function regularly to rotate the backing key of each customer managed CMK. D. Enable automatic key rotation for each customer managed CMK after it has been created in AWS KMS.  Suggested Answer: C Community Answer: D This question is in SCS-C01 AWS Certified Security – Specialty Exam For getting AWS Certified Security – Specialty Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Amazon. Trademarks, certification & product names are used for reference only and belong to Amazon. The website does not contain actual questions and answers from Amazon's Certification Exam.
Please login or Register to submit your answer