AWS Certified Cloud Practitioner (CLF-C02) — Question 631

Which AWS service integrates with other AWS services to provide the ability to encrypt data at rest?

Answer options

• A. AWS Key Management Service (AWS KMS)
• B. AWS Certificate Manager (ACM)
• C. AWS Identity and Access Management (IAM)
• D. AWS Security Hub

Correct answer: A

Explanation

AWS Key Management Service (AWS KMS) is specifically designed to create and manage cryptographic keys, seamlessly integrating with many other AWS services to encrypt data at rest. While AWS Certificate Manager (ACM) handles SSL/TLS certificates and IAM manages access permissions, AWS Security Hub acts as a security posture management service rather than an encryption tool.