Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon Exam SAP-C02 Topic 11 Question 28 Discussion

Actual exam question for Amazon's SAP-C02 exam
Question #: 28
Topic #: 11
[All SAP-C02 Questions]

A company's compliance audit reveals that some Amazon Elastic Block Store (Amazon EBS) volumes that were created in an AWS account were not encrypted. A solutions architect must Implement a solution to encrypt all new EBS volumes at rest

Which solution will meet this requirement with the LEAST effort?

Show Suggested Answer Hide Answer
Suggested Answer: D

The most effortless way to ensure that all new Amazon Elastic Block Store (EBS) volumes are encrypted at rest is to enable EBS encryption by default in all AWS Regions. This setting automatically encrypts all new EBS volumes and snapshots created in the account, thereby ensuring compliance with encryption policies without the need for manual intervention or additional monitoring.


by Scarlet at Apr 24, 2024, 10:38 PM

Limited Time Offer

25%

Off

Get Premium SAP-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Christene
9 months ago
I see the benefits of option C for automation, but option D does seem like a straightforward choice.
upvoted 0 times
...
Eleonora
9 months ago
That's a good point User4, option D would definitely be the least effort.
upvoted 0 times
...
Adelina
10 months ago
I believe option D is the simplest solution, just turning on encryption by default.
upvoted 0 times
...
Merlyn
11 months ago
I agree with User2, option C would require less manual effort.
upvoted 0 times
...
Brinda
11 months ago
But option C seems like a more automated approach.
upvoted 0 times
...
Christene
11 months ago
I think option A is the best solution.
upvoted 0 times
...
Anglea
12 months ago
What about using AWS Config rule to encrypt new EBS volumes using AWS Systems Manager Automation?
upvoted 0 times
...
Isabella
12 months ago
I disagree, I believe the most efficient solution is to turn on EBS encryption by default in all AWS Regions.
upvoted 0 times
Marti
11 months ago
We should consider the effort required and the effectiveness of each solution before making a decision.
upvoted 0 times
...
Janine
12 months ago
Implementing encryption by default in all Regions may be the most straightforward solution but not necessarily the most efficient one.
upvoted 0 times
...
Lindsey
12 months ago
Using AWS Audit Manager with data encryption could also be a good option for ensuring compliance.
upvoted 0 times
...
Lorean
12 months ago
I still believe creating an Amazon EventBridge rule to delete noncompliant volumes is the simplest solution.
upvoted 0 times
...
Jesus
12 months ago
That's a good point, but using AWS Config rule to detect creation of new EBS volumes and encrypting them with AWS Systems Manager Automation could be more efficient.
upvoted 0 times
...
Gearldine
12 months ago
I think the best option is to turn on EBS encryption by default in all AWS Regions.
upvoted 0 times
...
...
Leonida
12 months ago
I think the best solution is to create an Amazon EventBridge rule and invoke a Lambda function to delete noncompliant volumes.
upvoted 0 times
...

Save Cancel