Examice

Exam PAM-CDE-RECERT All QuestionsBrowse all questions from this exam

Question 71

A customer is moving from an on-premises to a public cloud deployment.

What is the best and most cost-effective option to secure the server key?

Install the Vault in the cloud the same way that you would in an on-premises environment. Place the server key in a password protected folder on the operating system.

Install the Vault in the cloud the same way that you would in an on-premises environment. Purchase a Hardware Security Module to secure the server key.

Install the Vault using the Amazon Machine Images and secure the server key using native cloud Key Management Systems.

Install the Vault using the Amazon Machine Images and secure the server key with a Hardware Security Module.

Correct Answer: C

Securing server keys in the cloud environment while ensuring cost-effectiveness is best achieved by leveraging native cloud Key Management Systems (KMS). Installing the Vault using Amazon Machine Images (AMIs) and using KMS allows for seamless integration with cloud services, efficient key management, and cost savings by eliminating the need for additional hardware like a Hardware Security Module. This method adheres to best practices for cloud security and takes advantage of the inherent capabilities of cloud service providers, such as AWS.

Discussion

d5ea0d0Option: C

C is correct answer

omardwOption: C

C is Correct https://docs.cyberark.com/pam-self-hosted/Latest/en/Content/PAS%20Cloud/ChangeServerKeys-cloud.htm#:~:text=To%20ensure%20the%20security%20of%20the%20keys%20in%20AWS%2C%20it%20is%20recommended%20to%20follow%20AWS%20best%20practices%20and%20encrypt%20them%20with%20KMS