Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Amazon Exam SAP-C02 Topic 11 Question 28 Discussion

Actual exam question for Amazon's SAP-C02 exam
Question #: 28
Topic #: 11
[All SAP-C02 Questions]

A company's compliance audit reveals that some Amazon Elastic Block Store (Amazon EBS) volumes that were created in an AWS account were not encrypted. A solutions architect must Implement a solution to encrypt all new EBS volumes at rest

Which solution will meet this requirement with the LEAST effort?

Show Suggested Answer Hide Answer
Suggested Answer: D

The most effortless way to ensure that all new Amazon Elastic Block Store (EBS) volumes are encrypted at rest is to enable EBS encryption by default in all AWS Regions. This setting automatically encrypts all new EBS volumes and snapshots created in the account, thereby ensuring compliance with encryption policies without the need for manual intervention or additional monitoring.


Contribute your Thoughts:

Christene
7 months ago
I see the benefits of option C for automation, but option D does seem like a straightforward choice.
upvoted 0 times
...
Eleonora
7 months ago
That's a good point User4, option D would definitely be the least effort.
upvoted 0 times
...
Adelina
7 months ago
I believe option D is the simplest solution, just turning on encryption by default.
upvoted 0 times
...
Merlyn
9 months ago
I agree with User2, option C would require less manual effort.
upvoted 0 times
...
Brinda
9 months ago
But option C seems like a more automated approach.
upvoted 0 times
...
Christene
9 months ago
I think option A is the best solution.
upvoted 0 times
...
Anglea
10 months ago
What about using AWS Config rule to encrypt new EBS volumes using AWS Systems Manager Automation?
upvoted 0 times
...
Isabella
10 months ago
I disagree, I believe the most efficient solution is to turn on EBS encryption by default in all AWS Regions.
upvoted 0 times
Marti
9 months ago
We should consider the effort required and the effectiveness of each solution before making a decision.
upvoted 0 times
...
Janine
9 months ago
Implementing encryption by default in all Regions may be the most straightforward solution but not necessarily the most efficient one.
upvoted 0 times
...
Lindsey
9 months ago
Using AWS Audit Manager with data encryption could also be a good option for ensuring compliance.
upvoted 0 times
...
Lorean
10 months ago
I still believe creating an Amazon EventBridge rule to delete noncompliant volumes is the simplest solution.
upvoted 0 times
...
Jesus
10 months ago
That's a good point, but using AWS Config rule to detect creation of new EBS volumes and encrypting them with AWS Systems Manager Automation could be more efficient.
upvoted 0 times
...
Gearldine
10 months ago
I think the best option is to turn on EBS encryption by default in all AWS Regions.
upvoted 0 times
...
...
Leonida
10 months ago
I think the best solution is to create an Amazon EventBridge rule and invoke a Lambda function to delete noncompliant volumes.
upvoted 0 times
...

Save Cancel