Free AWS DVA-C02 Actual Exam Questions - Question 7 Discussion
use server-side encryption with an AWS owned encryption key
How should the developer create the DynamoDB table to meet these requirements?
D imo, server-side encryption with AWS owned keys is the default for DynamoDB tables.
It’s D for sure. AWS owned keys are the default encryption method for DynamoDB, so you don’t have to specify any KMS key ARN or create keys manually when creating the table. Options A, B, and C all mention specifying a key, which is only necessary if you want customer managed or AWS managed keys. Since the question explicitly says AWS owned key, just creating the table with default settings meets the requirement. No extra parameters needed.
If the question wants server-side encryption with an AWS owned key, that means no custom key setup is needed. Options A and B mention creating or specifying a KMS key, which is for customer managed or AWS managed keys, not AWS owned keys. Option C talks about creating an AWS owned key and referencing its ARN, but you can’t actually create or manage AWS owned keys—they’re managed by AWS and used by default. So wouldn’t D make the most sense since the default encryption uses AWS owned keys without extra parameters? Why would you need to specify anything if the default is already the desired encr
This one feels like D because AWS owned keys are the default for DynamoDB encryption, so no extra KMS setup should be needed when creating the table. D
It’s A-just use a dev stage, simplest way.