A financial company uses AWS KMS to encrypt sensitive data. The security team notices that a KMS key has been deleted, but the encrypted data is still needed for a short period. What is the fastest way to make the data decryptable again?
KMS allows cancelling deletion during the waiting period.
Why this answer
Option A is correct because KMS has a waiting period of 7-30 days during which the key can be cancelled. Option B is wrong because once deleted, the key cannot be recovered after the waiting period. Option C is wrong because re-encrypting requires the original key.
Option D is wrong because the previous key material is gone.