An administrator is working with sensitive data and wants to encrypt that data by Nutanix Software Encryption.
Which three types of information and components are required to enable this configuration? (Choose three.)
An administrator is working with sensitive data and wants to encrypt that data by Nutanix Software Encryption.
Which three types of information and components are required to enable this configuration? (Choose three.)
To enable Nutanix Software Encryption, you need a Key Management Server (KMS) to manage the encryption keys, a Root Certificate Authority (CA) to validate certificates, and a KMS Certificate to establish trust between the KMS and the Nutanix environment. These components ensure that encryption keys are securely managed and the integrity of the system is maintained. Self-Encryption Drives (SED) are related to hardware-based encryption, not software encryption, and a signed certificate for each CVM is not required for this configuration.
Should be ABD: you need KMS, KMS cert, and CA to sign it. You don't need a cert for each CVM (C), and SEDs are the hardware-based encryption concept. Ref.: https://portal.nutanix.com/page/documents/details?targetId=Nutanix-Security-Guide-v6_0:wc-security-data-encryption-aos-wc-c.html
no need of cert for CVM
ABD! E is incorrect because SEDs are hardware, whilst question states software encryption.
Should be ABD