AWS Certified SysOps Administrator – Associate (legacy) — Question 192

The AWS Key Management Service (AWS KMS) is a managed service that makes it easy for you to create and control the encryption keys used to encrypt your data. AWS KMS is integrated with oth-er AWS services including Amazon EBS, Amazon S3, Amazon Redshift, Elastic Transcoder, Ama-zon WorkMail, and
Amazon RDS to make it simple to encrypt your data with encryption keys that you manage. AWS KMS is also integrated with AWS CloudTrail to provide you with key usage logs to help meet your regulatory and compliance needs. Which of the following types of cryptog-raphy keys is supported by AWS KMS currently?

Answer options

• A. Private ephemeral key agreement cryptography
• B. Symmetric and asymmetric random number generation key cryptography
• C. Asymmetric key cryptography and symmetric key cryptography
• D. Only symmetric key cryptography

Correct answer: D

Explanation

The correct answer is D, as AWS KMS primarily supports symmetric key cryptography for encryption. While it does support asymmetric keys for certain tasks, the primary focus of KMS is on symmetric keys, making the other options incorrect or misleading in this context.