Which of these options would allow you to encrypt your data at rest?

By: study aws cloud

On: January 7, 2025

Tagged: Solutions Architect Professional

With: 0 Comments

Your company policies require encryption of sensitive data at rest.You are considering the possible options for protecting data while storing it at rest on an EBS data volume, attached to an EC2 instance.

Which of these options would allow you to encrypt your data at rest?

(Choose three.)

Implement third party volume encryption tools

Implement SSL/TLS for all services running on the server

Encrypt data inside your applications before storing it on EBS

Encrypt data using native data encryption drivers at the file system level

Do nothing as EBS volumes are encrypted by default

Explanations:

Third-party volume encryption tools can encrypt data at rest on EBS volumes effectively.

SSL/TLS secures data in transit, not at rest; it does not provide encryption for data stored.

Encrypting data within applications before storage ensures that data is protected at rest.

Native data encryption drivers can encrypt data at the file system level, ensuring it is secure.

EBS volumes are not encrypted by default; encryption must be explicitly enabled when creating them.

Previous Post: Which combination of controls should be used to protect against tampering with and unauthorized access to log files?

Next Post: What is the MOST scalable storage solution to fulfill this requirement?

Leave a Reply Cancel reply