DBS-C01 Database Security • Set 10
DBS-C01 Database Security Practice Test 10 — 15 questions with explanations. Free, no signup.
A company has an Amazon S3 bucket that stores database backup files. The backups are encrypted using server-side encryption with AWS KMS (SSE-KMS). The security team wants to ensure that only a specific IAM role can decrypt the backups when restoring the database. Which policy should be attached to the KMS key to achieve this?