Examice

Exam SAP-C01 All QuestionsBrowse all questions from this exam

Question 1

Your company policies require encryption of sensitive data at rest. You are considering the possible options for protecting data while storing it at rest on an EBS data volume, attached to an EC2 instance.

Which of these options would allow you to encrypt your data at rest? (Choose three.)

Implement third party volume encryption tools

Implement SSL/TLS for all services running on the server

Encrypt data inside your applications before storing it on EBS

Encrypt data using native data encryption drivers at the file system level

Do nothing as EBS volumes are encrypted by default

Correct Answer: A, C, D

To encrypt data at rest on an EBS data volume, attached to an EC2 instance, you have several options. First, you can implement third-party volume encryption tools to encrypt your data. Second, you can encrypt data inside your applications before storing it on the EBS volume, ensuring that the data is encrypted before it even reaches the storage medium. Lastly, you can use native data encryption drivers at the file system level to encrypt the data as it is written to and read from the EBS volume. Implementing SSL/TLS is not suitable for data at rest as it is meant for encrypting data in transit, and EBS volumes are not encrypted by default.

Discussion

KiraguJohn

Which of the following choices enables you to encrypt your data in transit? Why is SSL wrong?

RVivek

The question mentions "possible options for protecting data while storing it at rest" SSL/TLS is used for encrrypting data in transite

krisvija12

SSL/TLS encrypts data in transit and not in rest.

futen0326Options: BCD

You all have completely misread the question .. it is not a trick question. "You're weighing your choices for data protection while it's stored at rest on an EBS data disk" So besides the questions literally asking plainly how you can encrypt data in transit.. The scenario is saying that the data is sitting in the EBS data disk waiting to be moved, and the data will need to be encrypted in transit.

futen0326

Encrypting the volume DOES NOT provide encryption in transit..

Amazon_Dumps_comOptions: ACD

ACD is Valid ( ACD, ACD, ACD )

Narendragpt

NO Fight . the correct options are A, C, and D.

kuongnpOptions: ACD

A, C, D is correct

hatanaokiOptions: ACD

The correct answer to this question is definitely ACD.

iamRohanKaushikOptions: ACD

ACD is correct

Subs2021Options: ACD

ACD is correct

gameofloveOptions: ACD

SSL is Transport Protocol and the question is Data at rest

TigerInTheCloud

B and E are wrong

Ashok_GonuguntlaOptions: ACD

ACD is correct answer

nazharOptions: ACD

BCD is incorrect

epomattiOptions: ACD

Correct: A, C, D Incorrect: B - TLS is for transit encryption, not encryption at rest E - EBS does not automatically encrypt

exam_aszOptions: ACD

No need SSL/TLS

pititcu667Options: ACD

bcd is incorrect.

cannottellname

I believe, Data in transit means from EC2 level application to EBS volumes which is internal. Hence, SSL/TLS is not the solution. Thus, ACD seems correct options here. 3rd party encryption, File level encryption, and added already encrypted data.

Ni_yot

A, C and D. Trick question which i fell for. the question is asking about EBS volume encryption not for data in transit.