AWS Certified Cloud Practitioner

Get started today

Ultimate access to all questions.

Deep dive into the quiz with AI chat providers.

We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.

Which AWS service provides encryption of data at rest for Amazon Elastic Block Store (Amazon EBS)?

Real Exam

Community

RRitesh

Last updated: January 27, 2026 at 14:02

Amazon Cognito

AWS Identity and Access Management (IAM)

AWS Key Management Service (AWS KMS)

AWS Trusted Advisor

Explanation:

AWS Key Management Service (AWS KMS) is the correct service that provides encryption for data at rest in Amazon EBS volumes.

Key Points:

AWS KMS is a managed service that makes it easy to create and control the encryption keys used to encrypt your data
Amazon EBS encryption uses AWS KMS customer master keys (CMKs) when creating encrypted volumes and snapshots
Amazon Cognito is for user authentication and identity management
AWS IAM is for access control and permissions management
AWS Trusted Advisor is for cost optimization, security, and performance recommendations

When you create an encrypted EBS volume, AWS KMS generates a unique data encryption key that is used to encrypt your data. The data encryption key is then encrypted with your CMK, providing a secure encryption solution for your EBS volumes.

Powered ByGemini-3 Flash

Comments

Loading comments...