which of the following statements is true?

Comparing Transparent Data Encryption (TDE) column-based encryption and Transparent Data
Encryption (TDE) tablespace-based encryption, which of the following statements is true?

A.
With Transparent Data Encryption (TDE) column-based encryption, you cannot change the
masterencryption key with an ALTER SYSTEM command.

B.
With TDE column-based encryption, you cannot prevent encrypted data from having the same
distribution ofcharacters that it has unencrypted.

C.
With Transparent Data Encryption (TDE) tablespace-based encryption, performance is
generally worse thancolumn-based encryption, because encryption is done at the I/O level.

D.
With TDE tablespace-based encryption, data in the UNDO tablespace is encrypted.

E.
With TDE tablespace-based encryption, data blocks that come from an encrypted tablespace
are storedunencrypted in temporary tables.

Explanation:
TDE column encryption affects performance only when data is retrieved from or inserted into an
encryptedcolumn.
The total performance overhead depends on the number of encrypted columns andtheir frequency
of access. The columns most appropriate for encryption are thosecontaining the most sensitive
data.
Enabling encryption on an existing table results in a full table update like any otherALTER TABLE
operation that modifies table characteristics. Administrators shouldkeep in mind the potential
performance and redo log impact on the database serverbefore enabling encryption on a large
existing table.
A table can temporarily become inaccessible for write operations while encryption isbeing enabled,
table keys are being rekeyed, or the encryption algorithm is beingchanged.