Question #835

试题更新时间: 2023-11-07 12:59:45

An IT company has a big data analytics application that is deployed in EC2 in multiple availability zones. These EC2 instances simultaneously access a shared Amazon EFS file system using a traditional file permissions model. A recent internal security audit has found that there is a potential security risk as the EFS file system is not encrypted for either at rest or in transit. What actions could be taken to address the potential security threat posed by non-encryption of the EFS volume?

A. The encryption of data at rest has to be enabled when the Amazon EFS file system is created. The encryption of data in transit can be enabled when the file system is mounted in EC2 instance

B. The encryption of data at rest and in transit can be enabled when the Amazon EFS file system is created.

C. The encryption of data at rest and in transit can only be enabled when the Amazon EFS file system is mounted in EC2 instance.

D. The encryption of data at rest can be enabled when the Amazon EFS file system is mounted in EC2 instance. The encryption of data in transit is enabled when the EFS file system is created using AWS console or CLI.

上一题收藏列表练习记录

下一题点击收藏

问题反馈