Bird
0
0

You tried to delete a KMS key but received an error. What is the most likely reason?

medium📝 Debug Q14 of 15
AWS - Advanced Security
You tried to delete a KMS key but received an error. What is the most likely reason?
AThe key has a deletion window set and cannot be deleted immediately
BThe key is not enabled for encryption
CThe key is not attached to any resource
DThe key rotation is disabled
Step-by-Step Solution
Solution:

  1. Step 1: Understand KMS key deletion rules

    KMS keys cannot be deleted immediately; they require a waiting period called the deletion window.

  2. Step 2: Evaluate other options

    Options A, B, and D do not prevent deletion; only the deletion window does.

  3. Final Answer:

    The key has a deletion window set and cannot be deleted immediately -> Option A

  4. Quick Check:

    Deletion window blocks immediate key deletion [OK]
Quick Trick: KMS keys delete only after waiting period [OK]
Common Mistakes:
  • Trying to delete keys instantly
  • Confusing key enablement with deletion
  • Ignoring deletion window requirement

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More AWS Quizzes
Advanced Security - AWS WAF for web application firewall - Quiz 15hard Architecture Best Practices - Operational excellence pillar - Quiz 7medium Architecture Best Practices - Reliability pillar principles - Quiz 2easy Architecture Best Practices - Performance efficiency pillar - Quiz 3easy CloudFormation - Resources section - Quiz 9hard Cost Optimization - Reserved Instances and Savings Plans - Quiz 8hard Cost Optimization - Budgets and cost anomaly detection - Quiz 12easy EKS - EKS networking with VPC CNI - Quiz 5medium EKS - EKS networking with VPC CNI - Quiz 9hard Serverless Architecture - Lambda with DynamoDB Streams - Quiz 11easy