Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Amazon Exam SAP-C02 Topic 11 Question 28 Discussion

Actual exam question for Amazon's SAP-C02 exam
Question #: 28
Topic #: 11
[All SAP-C02 Questions]

A company's compliance audit reveals that some Amazon Elastic Block Store (Amazon EBS) volumes that were created in an AWS account were not encrypted. A solutions architect must Implement a solution to encrypt all new EBS volumes at rest

Which solution will meet this requirement with the LEAST effort?

Show Suggested Answer Hide Answer
Suggested Answer: D

The most effortless way to ensure that all new Amazon Elastic Block Store (EBS) volumes are encrypted at rest is to enable EBS encryption by default in all AWS Regions. This setting automatically encrypts all new EBS volumes and snapshots created in the account, thereby ensuring compliance with encryption policies without the need for manual intervention or additional monitoring.


by Scarlet at Apr 24, 2024, 10:38 PM

Limited Time Offer

25%

Off

Get Premium SAP-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Brinda
1 days ago
But option C seems like a more automated approach.
upvoted 0 times
...
Christene
2 days ago
I think option A is the best solution.
upvoted 0 times
...
Anglea
15 days ago
What about using AWS Config rule to encrypt new EBS volumes using AWS Systems Manager Automation?
upvoted 0 times
...
Isabella
16 days ago
I disagree, I believe the most efficient solution is to turn on EBS encryption by default in all AWS Regions.
upvoted 0 times
Marti
7 days ago
We should consider the effort required and the effectiveness of each solution before making a decision.
upvoted 0 times
...
Janine
8 days ago
Implementing encryption by default in all Regions may be the most straightforward solution but not necessarily the most efficient one.
upvoted 0 times
...
Lindsey
9 days ago
Using AWS Audit Manager with data encryption could also be a good option for ensuring compliance.
upvoted 0 times
...
Lorean
10 days ago
I still believe creating an Amazon EventBridge rule to delete noncompliant volumes is the simplest solution.
upvoted 0 times
...
Jesus
11 days ago
That's a good point, but using AWS Config rule to detect creation of new EBS volumes and encrypting them with AWS Systems Manager Automation could be more efficient.
upvoted 0 times
...
Gearldine
12 days ago
I think the best option is to turn on EBS encryption by default in all AWS Regions.
upvoted 0 times
...
...
Leonida
17 days ago
I think the best solution is to create an Amazon EventBridge rule and invoke a Lambda function to delete noncompliant volumes.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77