BlackFriday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon Exam SAP-C02 Topic 11 Question 28 Discussion

Actual exam question for Amazon's SAP-C02 exam
Question #: 28
Topic #: 11
[All SAP-C02 Questions]

A company's compliance audit reveals that some Amazon Elastic Block Store (Amazon EBS) volumes that were created in an AWS account were not encrypted. A solutions architect must Implement a solution to encrypt all new EBS volumes at rest

Which solution will meet this requirement with the LEAST effort?

Show Suggested Answer Hide Answer
Suggested Answer: D

The most effortless way to ensure that all new Amazon Elastic Block Store (EBS) volumes are encrypted at rest is to enable EBS encryption by default in all AWS Regions. This setting automatically encrypts all new EBS volumes and snapshots created in the account, thereby ensuring compliance with encryption policies without the need for manual intervention or additional monitoring.


by Scarlet at Apr 24, 2024, 10:38 PM

Limited Time Offer

25%

Off

Get Premium SAP-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Christene
4 months ago
I see the benefits of option C for automation, but option D does seem like a straightforward choice.
upvoted 0 times
...
Eleonora
5 months ago
That's a good point User4, option D would definitely be the least effort.
upvoted 0 times
...
Adelina
5 months ago
I believe option D is the simplest solution, just turning on encryption by default.
upvoted 0 times
...
Merlyn
6 months ago
I agree with User2, option C would require less manual effort.
upvoted 0 times
...
Brinda
6 months ago
But option C seems like a more automated approach.
upvoted 0 times
...
Christene
6 months ago
I think option A is the best solution.
upvoted 0 times
...
Anglea
7 months ago
What about using AWS Config rule to encrypt new EBS volumes using AWS Systems Manager Automation?
upvoted 0 times
...
Isabella
7 months ago
I disagree, I believe the most efficient solution is to turn on EBS encryption by default in all AWS Regions.
upvoted 0 times
Marti
7 months ago
We should consider the effort required and the effectiveness of each solution before making a decision.
upvoted 0 times
...
Janine
7 months ago
Implementing encryption by default in all Regions may be the most straightforward solution but not necessarily the most efficient one.
upvoted 0 times
...
Lindsey
7 months ago
Using AWS Audit Manager with data encryption could also be a good option for ensuring compliance.
upvoted 0 times
...
Lorean
7 months ago
I still believe creating an Amazon EventBridge rule to delete noncompliant volumes is the simplest solution.
upvoted 0 times
...
Jesus
7 months ago
That's a good point, but using AWS Config rule to detect creation of new EBS volumes and encrypting them with AWS Systems Manager Automation could be more efficient.
upvoted 0 times
...
Gearldine
7 months ago
I think the best option is to turn on EBS encryption by default in all AWS Regions.
upvoted 0 times
...
...
Leonida
7 months ago
I think the best solution is to create an Amazon EventBridge rule and invoke a Lambda function to delete noncompliant volumes.
upvoted 0 times
...

Save Cancel