Which of the following is the most suitable storage solution in this scenario?
A company needs to launch an Amazon EC2 instance with persistent block storage to host its application. The stored data must be encrypted at rest.
Which of the following is the most suitable storage solution in this scenario?
A . Amazon EBS volume with server-side encryption (SSE) enabled.
B . Encrypted Amazon EBS volume using AWS KM
D . Encrypted Amazon EC2 Instance Store using AWS KM
F . Amazon EC2 Instance Store with SSL encryption.
Answer: B
Explanation:
Amazon Elastic Block Store (Amazon EBS) provides block-level storage volumes for use with EC2 instances. EBS volumes behave like raw, unformatted block devices. You can mount these volumes as devices on your instances. EBS volumes that are attached to an instance are exposed as storage volumes that persist independently from the life of the instance.
Amazon EBS is the persistent block storage volume among the options given. It is mainly used as the root volume to store the operating system of an EC2 instance. To encrypt an EBS volume at rest, you can use AWS KMS customer master keys for the encryption of both the boot and data volumes of an EC2 instance.
Hence, the correct answer is: Encrypted Amazon EBS volume using AWS KMS.
The options that say: Amazon EC2 Instance Store with SSL encryption and Encrypted Amazon EC2 Instance Store using AWS KMS are both incorrect because the scenario requires persistent block storage and not temporary storage. Also, enabling SSL is not a requirement in the scenario as it is primarily used to encrypt data in transit.
The option that says: Amazon EBS volume with server-side encryption (SSE) enabled is incorrect
because EBS volumes are only encrypted using AWS KMS. Server-side encryption (SSE) is actually an
option for Amazon S3, but not for Amazon EC2.
References:
https://aws.amazon.com/ebs/faqs/
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AmazonEBS.html
Check out this Amazon EBS Cheat Sheet:
https://tutorialsdojo.com/amazon-ebs/
Latest SAA-C03 Dumps Valid Version with 400 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund