Which of these options would allow you to encrypt your data at rest?

Your company policies require encryption of sensitive data at rest. You are considering the possible options for
protecting data while storing it at rest on an EBS data volume, attached to an EC2 instance. Which of these
options would allow you to encrypt your data at rest? (Choose 3 answers)

Your company policies require encryption of sensitive data at rest. You are considering the possible options for
protecting data while storing it at rest on an EBS data volume, attached to an EC2 instance. Which of these
options would allow you to encrypt your data at rest? (Choose 3 answers)

A.
Implement third party volume encryption tools

B.
Do nothing as EBS volumes are encrypted by default

C.
Encrypt data inside your applications before storing it on EBS

D.
Encrypt data using native data encryption drivers at the file system level

E.
Implement SSL/TLS for all services running on the server



Leave a Reply 11

Your email address will not be published. Required fields are marked *


Frank

Frank

Hi,

I would say A, C and D

Not E since SSL/TLS is encryption in transfer (https) and not encryption of sensitive data at rest.

And B is just not true. Although you nowadays can add encryption when creating a EBS volume but it is NOT turned on by default.

GFY

GFY

Frank is right.

KwagongMakisig

KwagongMakisig

I agree ACD

Srinivasu Muchcherla

Srinivasu Muchcherla

ACD … SSL/TLS is required at transit…:(

arc5934

arc5934

I think it is: ACE. I choose E because you have to move data from the application to EBS volume over internet. With A and C , you have already encrypted the root EBS volume (where you want to store the data) and encrypted the data. Any thoughts?

lyannabear

lyannabear

Answer is ACD

Most of the answers at the top are wrong. I’ve gone through the trouble of correcting all 400 of them for my own study purposes. If you would like a digital copy of this dump please send $40 to paypal.me/lyannabear

Halloween

Halloween

Stop trolling mate. Take your shit somewhere else.

zhouyl@amz

zhouyl@amz

answer should be ACE
For D, you are using AWS, EBS, how can you use native data encryption drivers to encrypt data on a cloud?