Which of the following are true regarding encrypted Amazon Elastic Block Store (EBS) volumes? Choose 2
answers
A.
Supported on all Amazon EBS volume types
B.
Snapshots are automatically encrypted
C.
Available to all instance types
D.
Existing volumes can be encrypted
E.
shared volumes can be encrypted
Explanation:
This feature is supported on all Amazon EBS volume types (General Purpose (SSD), Provisioned IOPS (SSD), and
Magnetic). You can access encrypted Amazon EBS volumes the same way you access existing volumes;
encryption and decryption are handled transparently and they require no additional action from you, your
Amazon EC2 instance, or your application. Snapshots of encrypted Amazon EBS volumes are automatically
encrypted, and volumes that are created from encrypted Amazon EBS snapshots are also automatically
encrypted.http://docs.aws.amazon.com/kms/latest/developerguide/services-ebs.html
AB
0
0
AB
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html
1
0
AC
snapshots are not automatically encrypted. Can’t be D or E either
0
0
I agree with AC.
Please tell me if i am wrong, Coz B- snapshots are automaticallly encrypted, only if volume is encrypted
0
0
Sorry misread the questions. B is right as the question says, encrypted volumes.
I think its AB
0
0
Snapshots of encrypted EBS are automatically encrypted. Similarly, EBS restored from encrypted snapshots are also encrypted. So, A & B are correct.
0
0
sorry, miss read the q, volume already encrypted.
So ans is AB
0
0
AB
0
0
AB
C is wrong because i think EBS is not available for all instance types, when you launch instance you can find instance with EBS-backed only like General purpose T2 and Compute-optimized C3
0
0
AB are correct
C is not correct as not all instance types are supported.
0
0
AB
0
0
Answer is A and B.
Note: The snapshot is only automatically encrypted if the EBS is encrypted:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html
When you create an encrypted EBS volume and attach it to a supported instance type, the following types of data are encrypted:
Data at rest inside the volume
All data moving between the volume and the instance
All snapshots created from the volume
This feature is supported with all EBS volume types (General Purpose SSD [gp2], Provisioned IOPS SSD [io1], Throughput Optimized HDD [st1], Cold HDD [sc1], and Magnetic [standard]), and you can expect the same IOPS performance on encrypted volumes as you would with unencrypted volumes, with a minimal effect on latency. You can access encrypted volumes the same way that you access unencrypted volumes; encryption and decryption are handled transparently and they require no additional action from you, your EC2 instance, or your application.
0
0