ExpertHard1 markMultiple Choice
AWS SAA-C03 · Question 09 · Domain 1.3: Data Security
A financial institution requires a dedicated, single-tenant hardware security module (HSM) to manage their cryptographic keys due to strict regulatory compliance. Which AWS service meets this requirement?
A financial institution requires a dedicated, single-tenant hardware security module (HSM) to manage their cryptographic keys due to strict regulatory compliance. Which AWS service meets this requirement?
Answer options:
A.
AWS KMS
B.
AWS CloudHSM
C.
AWS Secrets Manager
D.
AWS Certificate Manager
How to approach this question
Look for 'single-tenant' and 'hardware security module'.
Full Answer
B.AWS CloudHSM✓ Correct
AWS CloudHSM
AWS CloudHSM is a cloud-based hardware security module (HSM) that enables you to easily generate and use your own encryption keys on the AWS Cloud in a single-tenant environment.
Common mistakes
Choosing KMS, which is multi-tenant.
Practice the full AWS SAA-C03 Practice Exam 2
65 questions · hints · full answers · grading
More questions from this exam
Q01A company wants to ensure that no AWS resources can be created in the ap-northeast-1 region acros...EasyQ02A web application runs on Amazon EC2 instances behind an Application Load Balancer (ALB). The com...EasyQ03A company is storing highly sensitive data in an Amazon S3 bucket. The security team requires tha...MediumQ04An application running on an EC2 instance needs to access an Amazon DynamoDB table in a different...HardQ05A company needs to store database credentials securely. The credentials must be automatically rot...Medium