Which of the following are true regarding encrypted Amazon Elastic Block Store (EBS) volumes?

Which of the following are true regarding encrypted Amazon Elastic Block Store (EBS) volumes? Choose 2
answers

Which of the following are true regarding encrypted Amazon Elastic Block Store (EBS) volumes? Choose 2
answers

A.
Supported on all Amazon EBS volume types

B.
Snapshots are automatically encrypted

C.
Available to all instance types

D.
Existing volumes can be encrypted

E.
shared volumes can be encrypted

Explanation:
This feature is supported on all Amazon EBS volume types (General Purpose (SSD), Provisioned IOPS (SSD), and
Magnetic). You can access encrypted Amazon EBS volumes the same way you access existing volumes;
encryption and decryption are handled transparently and they require no additional action from you, your
Amazon EC2 instance, or your application. Snapshots of encrypted Amazon EBS volumes are automatically
encrypted, and volumes that are created from encrypted Amazon EBS snapshots are also automatically
encrypted.

http://docs.aws.amazon.com/kms/latest/developerguide/services-ebs.html

Show Hint

Leave a Reply 12

Your email address will not be published. Required fields are marked *

jonny

jonny

AC

snapshots are not automatically encrypted. Can’t be D or E either

Reply

Venkat

Venkat

I agree with AC.
Please tell me if i am wrong, Coz B- snapshots are automaticallly encrypted, only if volume is encrypted

Reply

Venkat

Venkat

Sorry misread the questions. B is right as the question says, encrypted volumes.
I think its AB

Reply

Nani

Nani

Snapshots of encrypted EBS are automatically encrypted. Similarly, EBS restored from encrypted snapshots are also encrypted. So, A & B are correct.

Reply

jonny

jonny

sorry, miss read the q, volume already encrypted.

So ans is AB

Reply

engmohhamed

engmohhamed

AB
C is wrong because i think EBS is not available for all instance types, when you launch instance you can find instance with EBS-backed only like General purpose T2 and Compute-optimized C3

Reply

nadeem

nadeem

AB are correct

C is not correct as not all instance types are supported.

Reply

thewildbat

thewildbat

Answer is A and B.

Note: The snapshot is only automatically encrypted if the EBS is encrypted:

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html

When you create an encrypted EBS volume and attach it to a supported instance type, the following types of data are encrypted:

Data at rest inside the volume
All data moving between the volume and the instance
All snapshots created from the volume

This feature is supported with all EBS volume types (General Purpose SSD [gp2], Provisioned IOPS SSD [io1], Throughput Optimized HDD [st1], Cold HDD [sc1], and Magnetic [standard]), and you can expect the same IOPS performance on encrypted volumes as you would with unencrypted volumes, with a minimal effect on latency. You can access encrypted volumes the same way that you access unencrypted volumes; encryption and decryption are handled transparently and they require no additional action from you, your EC2 instance, or your application.

Reply