Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

SAA-CO2 - AWS Associate Architect > KMS > Flashcards

KMS Flashcards

1
Q

KMS means

A

Key management service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What type of cryptography does KMS use?

A

Symmetric.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What does KMS do?

A

Stores and generates encrypted keys used by other services

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Can AWS staff access your KMS keys?

A

Nope.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

KMS is for encryption at rest only. True or false?

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Is KMS region specific?

A

Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Components of KMS

A

CMK
DEK
Key Policies
Grant

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What does DEK mean?

A

Data encryption key

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What does CMK mean?

A

Customer Master Key

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

CMK encryption size limit

A

4kb

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Two types of of CMK are

A

Customer managed

AWS managed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

In KMS. All CMKs require a Key Policy. True or false?

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What are the three methods for accessing a CMK?

A

Key policy
IAM policy
Grants

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

KMS automatic key rotation, changes the keys on what timeline?

A

Once a year.

This can not be modified.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

A KMS CMK key is breached. Would rotating the key fix the issue?

A

Nope!

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Is it possible to manage key rotation for AWS managed CMKs?

A

No

17
Q

How often are the keys rotated on AWS managed CMKs?

A

Every three years

18
Q

What do KMS grants do?

A

Allow you to delegate permissions to another AWS principal in your account.

19
Q

How do you create a KMS grant?

A

Via API

20
Q

True or false. KMS grants are attatched to a CMK?

A

True

21
Q

The key material of an AWS KMS CMK is …

A

The data this is used to encrypt and decrypt

22
Q

CMKs are tropically used to encrypt what?

A

Your data encryption keys

23
Q

You need to rotate your CMK everu year. What kind of CMK is required to do this?

A

Customer managed CMK

24
Q

How is KMS charged?

A

Per master key and the number of requests.

SAA-CO2 - AWS Associate Architect (47 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions