A sys admin is using server side encryption with AWS S3. Which of the below mentioned
statements helps the user understand the S3 encryption functionality?
A.
The server side encryption with the user supplied key works when versioning is enabled
B.
The user can use the AWS console, SDK and APIs to encrypt or decrypt the content for server
side
encryption with the user supplied key
C.
The user must send an AES-128 encrypted key
D.
The user can upload his own encryption key to the S3 console
Explanation:
AWS S3 supports client side or server side encryption to encrypt all data at rest. The server side
encryption can either have the S3 supplied AES-256 encryption key or the user can send the key
along with each API call to supply his own encryption key. The encryption with the user supplied
key (SSE-C. does not work with the AWS console. The S3 does not store the keys and the user
has to send a key with each request. The SSE-C works when the user has enabled versioning.
A
A