ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C02 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C02 exam
Go to Exam

Exam AWS Certified Solutions Architect - Associate SAA-C02 topic 1 question 627 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Associate SAA-C02
Question #: 627
Topic #: 1
[All AWS Certified Solutions Architect - Associate SAA-C02 Questions]

A company is deploying a new application on Amazon EC2 instances. The application writes data to Amazon Elastic Block Store (Amazon EBS) volumes. The company needs to ensure that all data that is written to the EBS volumes is encrypted at rest.
Which solution will meet this requirement?

  • A. Create an IAM role that specifies EBS encryption. Attach the role to the EC2 instances.
  • B. Create the EBS volumes as encrypted volumes. Attach the EBS volumes to the EC2 instances.
  • C. Create an EC2 instance tag that has a key of Encrypt and a value of True. Tag all instances that require encryption at the EBS level.
  • D. Create an AWS Key Management Service (AWS KMS) key policy that enforces EBS encryption in the account. Ensure that the key policy is active.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by guptatrng at Sept. 8, 2022, 7:41 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
rodriiviru
2 years, 8 months ago
Selected Answer: B
Use Amazon EBS encryption as a straight-forward encryption solution for your EBS resources associated with your EC2 instances. With Amazon EBS encryption, you aren't required to build, maintain, and secure your own key management infrastructure. Amazon EBS encryption uses AWS KMS keys when creating encrypted volumes and snapshots. Encryption operations occur on the servers that host EC2 instances, ensuring the security of both data-at-rest and data-in-transit between an instance and its attached EBS storage. You can attach both encrypted and unencrypted volumes to an instance simultaneously. https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html
upvoted 1 times
...
sivasumanth
2 years, 8 months ago
Selected Answer: B
You can enable encryption for EBS volumes while creating them.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel