KMS Flashcards

1
Q

How would you decrypt data locally?

A
  1. Use the Decrypt operation to decrypt the encrypted data key. The operation returns a plaintext copy of the data key.
  2. Use the plaintext data key to decrypt data locally, then erase the plaintext data key from memory.
2
Q

What is used for decryption: an encrypted or a plaintext key?

A

plaintext

3
Q

How would you encrypt data locally?

A
  1. Use the GenerateDataKey operation to get a data encryption key.
  2. Use the plaintext data key (returned in the Plaintext field of the response) to encrypt data locally, then erase the plaintext data key from memory.
  3. Store the encrypted data key (returned in the CiphertextBlob field of the response) alongside the locally encrypted data.
4
Q

When should you consider using AWS CloudHSM instead of AWS KMS?

A

If you require:

– Keys stored in dedicated, third-party validated hardware security modules under your exclusive control.

– FIPS 140-2 compliance.

– Integration with applications using PKCS#11, Java JCE, or Microsoft CNG interfaces.

– High-performance in-VPC cryptographic acceleration (bulk crypto).
