You have many IAM users with the ability to create EC2 volumes. Most of the data your team works with is sensitive, so you would like to make sure all volumes are encrypted. How might you facilitate this requirement?
A.
Create an AWS KMS policy and attach it to all IAM users that can create EC2 volumes.
B.
Use AWS Config and create a rule that requires all volumes, upon creation, be encrypted.
C.
Use AWS Config to send out reminders to IAM users every time they create an EC2 volume.
D.
Set EC2 to notify creators to encrypt their EC2 volumes.
Suggested Answer:B🗳️
AWS Config is used to evaluate the configuration settings of many AWS resources. When an EC2 volume in created, AWS Config can evaluate the volume against a rule that requires volumes to be encrypted. If the volume is not encrypted, AWS Config flags the volume and the rule as noncompliant. Reference: http://docs.aws.amazon.com/config/latest/developerguide/evaluate-config.html
This section is not available anymore. Please use the main Exam Page.ANS-C00 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Scunningham99
Highly Voted 3 years, 9 months ago