🔥 3-day streak
AWS Certified Security - Specialty96 / 184
Question 96 of 184
A financial services company must retain full control over the cryptographic material used to encrypt sensitive data in Amazon S3. To meet compliance, they create a KMS key with an origin of EXTERNAL and import their own 256-bit key material, setting it to expire after 90 days. As the expiration date approaches, the security team wants to ensure encrypted objects remain decryptable without disruption. Which action correctly extends the ability to use this key?
Reviewed for accuracy · Report an issueNext question