AWS Certified Developer - Associate
Get started today
Ultimate access to all questions.
Comments
Loading comments...
Ultimate access to all questions.
A company is utilizing an extensive array of EBS volumes to support their fleet of Amazon EC2 instances. As an AWS Certified Developer Associate, you have been approached to provide insights into the security features associated with EBS volumes. It is important to note that the company prefers not to create or maintain their own encryption key management system.
Can you assist them in identifying which options are applicable for Amazon EBS encryption? (Select two)
A
Encryption by default is a Region-specific setting. If you enable it for a Region, you cannot disable it for individual volumes or snapshots in that Region
B
Encryption by default is an AZ specific setting. If you enable it for an AZ, you cannot disable it for individual volumes or snapshots in that AZ
C
You can encrypt an existing unencrypted volume or snapshot by using AWS Key Management Service (KMS) AWS SDKs
D
A volume restored from an encrypted snapshot, or a copy of an encrypted snapshot is always encrypted
E
A snapshot of an encrypted volume can be encrypted or unencrypted