🔥 3-day streak
AWS Certified Security - Specialty83 / 157
Question 83 of 157

A security engineer manages a KMS customer managed key used by multiple applications to encrypt sensitive financial records. Compliance requires that (1) the key can only be used over encrypted connections and (2) applications must supply a specific encryption context tag so decrypt operations can be scoped and audited. Which combination of key policy conditions enforces both requirements on Decrypt operations?

Reviewed for accuracy · Report an issueNext question