Which four statements are true for support of ZFS encryption?

You upgraded your server to Oracle Solaris 11 and you imported zpool (pool1) that was created in
Solaris 10. You need to create an encrypted ZFS file system in pool1, but first you need to make
sure that your server supports ZFS encryption.
Which four statements are true for support of ZFS encryption?

You upgraded your server to Oracle Solaris 11 and you imported zpool (pool1) that was created in
Solaris 10. You need to create an encrypted ZFS file system in pool1, but first you need to make
sure that your server supports ZFS encryption.
Which four statements are true for support of ZFS encryption?

A.
The encrypted file system must have been created in Oracle Solaris11. To encrypt a ZFS file
system from a previous version of Solaris, upgrade the zpool and create a new encrypted ZFS file
system into the encrypted ZFS file system.

B.
If you plan to create an encrypted file system in an existing zpool, the zpool must be upgraded
to ZFS version 30.

C.
ZFS encryption is integrated with the ZFS command set and no additional packages need to be
installed.

D.
ZFS encryption requires that the ZFS Dataset Encryption package be installed.

E.
If you plan to create an encrypted file system in an existing zpool, the pool must be upgraded to
ZFS version 21, minimum.

F.
Encryption is supported at the pool or dataset (file system) level.

G.
Encryption is supported at the pool level only for every file system in the pool will be encrypted.

H.
You cannot create an encrypted file system in a zpool that was created prior to oracle
Solaris11. Create a new zpool in Solaris11, create an encrypted ZFS file system in the new zpool,
and move or copy the data from the existing file system into the new encrypted file system.

Explanation:
A (not H): You can use your existing storage pools as long as they are upgraded.
You have the flexibility of encrypting specific file systems.
B(not E): Can I enable encryption on an existing pool?
Yes, the pool must be upgraded to pool version 30 to allow encrypted ZFS file systems and
volumes.
C(not D): ZFS encryption is integrated with the ZFS command set. Like other ZFS operations,
encryption operations such as key changes and rekey are performed online.
F (not G): Encryption is the process in which data is encoded for privacy and a key is needed by
the data owner to access the encoded data. You can set an encryption policy when a ZFS dataset
is created, but the policy cannot be changed.
Reference: Oracle Solaris ZFS Administration Guide, Encrypting ZFS File Systems



Leave a Reply 2

Your email address will not be published. Required fields are marked *


Dupek

Dupek

A,B,C clearly correct answers. What do you think about pool level encryption? You can encrypt zfs or zvol, isn’t it? For fourth answare I can not find better than F but I do not know what’s mean pool level encryption.