ExamGecko
Question list
Search
Search

List of questions

Search

Related questions











Question 431 - SCS-C01 discussion

Report
Export

Auditors for a health care company have mandated that all data volumes be encrypted at rest Infrastructure is deployed mainly via AWS CloudFormation however third-party frameworks and manual deployment are required on some legacy systems What is the BEST way to monitor, on a recurring basis, whether all EBS volumes are encrypted?

A.
On a recurring basis, update an IAM user policies to require that EC2 instances are created with an encrypted volume
Answers
A.
On a recurring basis, update an IAM user policies to require that EC2 instances are created with an encrypted volume
B.
Configure an AWS Config rule lo run on a recurring basis 'or volume encryption
Answers
B.
Configure an AWS Config rule lo run on a recurring basis 'or volume encryption
C.
Set up Amazon Inspector rules tor volume encryption to run on a recurring schedule
Answers
C.
Set up Amazon Inspector rules tor volume encryption to run on a recurring schedule
D.
Use CloudWatch Logs to determine whether instances were created with an encrypted volume
Answers
D.
Use CloudWatch Logs to determine whether instances were created with an encrypted volume
Suggested answer: B

Explanation:

To support answer B, use the reference https://d1.awsstatic.com/whitepapers/aws-securitywhitepaper.pdf"For example, AWS Config provides a managed AWS Config Rules to ensure that encryption is turnedon for all EBS volumes in your account."

asked 16/09/2024
Michael Crowson
46 questions
User
Your answer:
0 comments
Sorted by

Leave a comment first