A company has a large set of keys defined in AWS KMS. Their developers frequently use the keys for the applications being developed.
What is one of the ways that can be used to reduce the cost of accessing the keys in the AWS KMS service.
A. Enable rotation of the keys
B. Use Data key caching
C. Create an alias of the key
D. Use the right key policy
Answer: B
Explanation:
The AWS Documentation mentions the following
Data key caching stores data keys and related cryptographic material in a cache. When you encrypt or decrypt data, the AWS Encryption SDK looks for a matching data key in the cache. If it finds a match, it uses the cached data key rather than generatir a new one. Data key caching can improve performance, reduce cost, and help you stay within service limits as your application scales.
Option A.C and D are all incorrect since these options will not impact how the key is used. For more information on data key caching, please refer to below URL: https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/data-key-cachine.htmll
The correct answer is: Use Data key caching Submit your Feedback/Queries to our Experts
Leave a Reply