You are required to use data-at-rest encryption on a NetApp ONTAP system. You want to maintain cross-volume storage efficiencies.
Which three technologies would accomplish this task? (Choose three.)
You are required to use data-at-rest encryption on a NetApp ONTAP system. You want to maintain cross-volume storage efficiencies.
Which three technologies would accomplish this task? (Choose three.)
To maintain cross-volume storage efficiencies for data-at-rest encryption in a NetApp ONTAP system, three technologies fit the requirement. NetApp Volume Encryption (NVE) allows encryption at the volume level without impacting storage efficiencies across volumes. NetApp Aggregate Encryption (NAE) applies encryption across entire aggregates, which helps in maintaining storage efficiencies due to deduplication and compression benefits at the aggregate level. NetApp Storage Encryption (NSE) utilizes self-encrypting drives (SEDs) for hardware-based encryption without sacrificing storage efficiencies. Therefore, the three technologies that accomplish the task are NetApp Volume Encryption, NetApp Aggregate Encryption, and NetApp Storage Encryption.
C, D & E for me as NetApp Volume Encryption (NVE) volumes can exist in aggregated deduplicated aggregates, however the NVE volumes do not participate in the aggregate deduplication savings (the NVE volumes are ignored).
B, D and E would be my vote Definitely, not A. C and E are the same answer as NetApp Storage Encryption (NSE) uses Self-encrypting drives (SEDs). https://www.netapp.com/cyber-resilience/data-protection/storage-encryption/
Ontap support two types of encryption, software based and hardware based. Software based are NVE (NetApp Volume Encryption) and NAE (NetApp Aggregate Encryption). Hardware using NetApp Storage Encryption (NSE) supporting full disk encryption. All options leaves customer uses storage efficiencies of ONTAP.
I think CDE is right, because if Volumes are encrypted, the you can not earn so much effiencies. Because the Bytes are nearly randome because of the encryption.
SED is only mentioned for NVME https://www.netapp.com/pdf.html?item=/media/17073-ds-3898.pdf
Also, data should be encrypted on the fly on SED drives.