S3 Quiz
Your company is planning on moving to the AWS Cloud. There is a strict compliance policy that mandates that data should be encrypted at rest. As an AWS Solution architect, you have been tasked to put the organization data on the cloud and also ensure that all compliance requirements have been met. Which of the below needs to be part of the implementation plan to ensure compliance with the security requirements. Choose 2 answers from the options given below.
A. Ensurethat all EBS volumes are encrypted
B. Ensurethat server-side encryption is enabled for S3 buckets
C. Ensurethat SSL is enabled for all load balancers
D. Ensurethat the EC2 Security rules only allow HTTPS traffic
A. & B.
The AWS Documentation mentions the following
Amazon EBS encryption offers a simple encryption solution for your EBS volumes without the need to build, maintain, and secure your own key management infrastructure.
Server-side encryption protects data at rest. Server-side encryption with Amazon S3-managed encryption keys (SSE-S3) uses strong multi-factor encryption. Amazon S3 encrypts each object with a unique key
Options C and D are invalid since these are used to manage encryption of data in transit
For more information on Encryption of EBS volumes, please visit the url
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html
For more information on Encryption of S3 buckets, please visit the url
https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html
