🔥 3-day streak
AWS Certified Security - Specialty92 / 184
Question 92 of 184

A financial services company must meet a regulatory requirement that all cryptographic key material used to encrypt customer data at rest be stored in single-tenant, FIPS 140-2 Level 3 validated hardware that the company controls, while still using AWS KMS APIs for envelope encryption across services such as S3 and EBS. Which approach satisfies this requirement with the least custom integration effort?

Reviewed for accuracy · Report an issueNext question