AWS Certified Cloud Practitioner (CLF-C02) — Question 420

Which AWS service can a company use to manage encryption keys in the cloud?

Answer options

• A. AWS License Manager
• B. AWS Certificate Manager (ACM)
• C. AWS CloudHSM
• D. AWS Directory Service

Correct answer: C

Explanation

AWS CloudHSM is a cloud-based hardware security module (HSM) that enables you to easily generate and use your own encryption keys on the AWS Cloud. AWS License Manager is designed for managing software licenses, AWS Certificate Manager manages SSL/TLS certificates, and AWS Directory Service provides managed Active Directory in the cloud, making them incorrect for dedicated key management.