AWS Certified Security – Specialty — Question 22

A Security Engineer is trying to determine whether the encryption keys used in an AWS service are in compliance with certain regulatory standards.
Which of the following actions should the Engineer perform to get further guidance?

Answer options

• A. Read the AWS Customer Agreement.
• B. Use AWS Artifact to access AWS compliance reports.
• C. Post the question on the AWS Discussion Forums.
• D. Run AWS Config and evaluate the configuration outputs.

Correct answer: B

Explanation

The correct answer is B because AWS Artifact provides access to compliance reports that can help determine if the encryption keys align with regulatory standards. Option A is incorrect as the AWS Customer Agreement does not provide specific compliance details about encryption keys. Option C is not suitable since the AWS Discussion Forums are not an official source for compliance guidance. Option D is also incorrect because AWS Config evaluates resource configurations but does not specifically address compliance with regulatory standards.