Which of the following are true regarding encrypted Amazon Elastic Block Store (EBS) volumes? Choose 2
answers
A.
Supported on all Amazon EBS volume types
B.
Snapshots are automatically encrypted
C.
Available to all instance typesD. Existing volumes can be encrypted
E.
shared volumes can be encrypted
Explanation:
This feature is supported on all Amazon EBS volume types (General Purpose (SSD), Provisioned IOPS (SSD),
and Magnetic). You can access encrypted Amazon EBS volumes the same way you access existing volumes;
encryption and decryption are handled transparently and they require no additional action from you, your
Amazon EC2 instance, or your application. Snapshots of encrypted Amazon EBS volumes are automatically
encrypted, and volumes that are created from encrypted Amazon EBS snapshots are also automatically
encrypted.
http://docs.aws.amazon.com/kms/latest/developerguide/services-ebs.html
A & B are right.
http://docs.aws.amazon.com/kms/latest/developerguide/services-ebs.html
AB
AC – right answer
B- is wrong , snapshot wont be encrypted unless EBS is already encrypted befor
The question is asking about encrypted EBS volumes.
“Which of the following are true regarding encrypted Amazon Elastic Block Store (EBS) volumes? ”
As a result the snapshot will be encrypted. That is why A and B are correct.
Also, not all instance types support encryption so C is not correct.
Ying is right. Answer is AB.
As per your thing C cannot be a right answer. Its supported for few instance types. follow below message from link
https://aws.amazon.com/blogs/aws/protect-your-data-with-new-ebs-encryption/
“your data is encrypted before it leaves the EC2 instance. In order to be able to do this efficiently and with low latency, the EBS encryption feature is only available on EC2’s M3, C3, R3, CR1, G2, and I2 instances. You cannot attach an encrypted EBS volume to other instance types”.
Just passed the AWS Architect associate 17/02/2018 and this was on the exam. Defiantly A & B