Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional SAP-C02 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional SAP-C02 exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional SAP-C02 topic 1 question 320 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional SAP-C02
Question #: 320
Topic #: 1
[All AWS Certified Solutions Architect - Professional SAP-C02 Questions]

A company's compliance audit reveals that some Amazon Elastic Block Store (Amazon EBS) volumes that were created in an AWS account were not encrypted. A solutions architect must implement a solution to encrypt all new EBS volumes at rest.

Which solution will meet this requirement with the LEAST effort?

  • A. Create an Amazon EventBridge rule to detect the creation of unencrypted EBS volumes. Invoke an AWS Lambda function to delete noncompliant volumes.
  • B. Use AWS Audit Manager with data encryption.
  • C. Create an AWS Config rule to detect the creation of a new EBS volume. Encrypt the volume by using AWS Systems Manager Automation.
  • D. Turn on EBS encryption by default in all AWS Regions.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by KungLjao at Oct. 29, 2023, 7:21 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
joleneinthebackyard
Highly Voted 1 year ago
Selected Answer: D
"must implement a solution to encrypt all NEWWW EBS volumes at rest."
upvoted 5 times
...
mark_232323
Most Recent 4 months ago
Selected Answer: C
there is no direct way to encrypt existing unencrypted EBS volumes or snapshots. https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/automatically-encrypt-existing-and-new-amazon-ebs-volumes.html
upvoted 1 times
Daniel76
2 weeks, 1 day ago
The question ask to encrypt new EBS, not the existing.
upvoted 1 times
...
...
Russs99
4 months, 2 weeks ago
Selected Answer: D
I am not picking an answer, I just wanted to point out that EBS encryption is regions specific. option D says : Turn on EBS encryption by default in all AWS Regions. there is no such feature. Option D still appears to be the best answer
upvoted 1 times
Daniel76
2 weeks, 1 day ago
We may consider it meant to be doing this configuration region by region. It's still require the least effort doing that. :)
upvoted 1 times
...
...
vibzr2023
10 months, 1 week ago
Answer: D Encryption of Amazon Elastic Block Store (Amazon EBS) volumes is important to an organization's data protection strategy. It is an important step in establishing a well-architected environment. Although there is no direct way to encrypt existing unencrypted EBS volumes or snapshots, you can encrypt them by creating a new volume or snapshot. https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/automatically-encrypt-existing-and-new-amazon-ebs-volumes.html
upvoted 4 times
...
career360guru
10 months, 1 week ago
Selected Answer: D
Option D
upvoted 1 times
...
airgead
1 year ago
Selected Answer: D
The keyword is all NEW EBS volumes. So by make EBS Encryption default, it means all new EBS will be encrypted without additional configuration.
upvoted 2 times
...
s61
1 year ago
Selected Answer: D
Least effort option
upvoted 3 times
...
gonzales
1 year ago
Selected Answer: D
The question states: ' A solutions architect must implement a solution to encrypt all new EBS volumes at rest' reference: https://repost.aws/knowledge-center/ebs-automatic-encryption
upvoted 3 times
...
KungLjao
1 year ago
Selected Answer: C
https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/automatically-encrypt-existing-and-new-amazon-ebs-volumes.html
upvoted 3 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel