CLF-C02 Domain 2: Security and Compliance

AWS KMS is primarily used for:

Multiple choice — select one answer

Answer choices

  1. a. Assess, audit, and evaluate configurations of AWS resources
  2. b. Creating and managing encryption keys
  3. c. Rotate, manage, and retrieve secrets, without security or identity team coordination per policy.
  4. d. AWS compliance programs and attestations, without security or identity team coordination per policy.

Architectural breakdown & explanation

AWS Key Management Service manages cryptographic keys for AWS and your applications.

Correct answer(s): b. Creating and managing encryption keys

Exam domain: Domain 2: Security and Compliance (30% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the AWS Certified Cloud Practitioner bank. Run a full timed practice exam with domain-weighted random questions in your browser.