Skip to Content

Amazon CLF-C02: Which AWS service provides encryption for Amazon RDS and EBS volumes?

By: Author Alex Lim

Posted on  - Last updated:

Categories Exam

Table of Contents

Question

Which AWS service provides encryption at rest for Amazon RDS and for Amazon Elastic Block Store (Amazon EBS) volumes?

A. AWS Lambda
B. AWS Key Management Service (AWS KMS)
C. AWS WAF
D. Amazon Rekognition

Answer

B. AWS Key Management Service (AWS KMS)

Explanation

The correct answer is: B. AWS Key Management Service (AWS KMS)

Explanation:

AWS Key Management Service (AWS KMS) is the AWS service that provides encryption at rest for both Amazon RDS and Amazon Elastic Block Store (Amazon EBS) volumes.

Amazon RDS (Relational Database Service) allows you to set up, operate, and scale a relational database in the cloud. It supports encryption at rest for the underlying storage used by your RDS instances. You can use AWS KMS to manage the encryption keys used for this purpose.

Amazon EBS provides block-level storage volumes for use with EC2 instances. EBS volumes can be encrypted for data at rest, and once again, AWS KMS is the service used to manage the encryption keys.

AWS Key Management Service (AWS KMS) is a fully managed encryption service that allows you to create and control encryption keys used to encrypt your data. It provides robust key management and allows you to centrally manage and audit key usage. You can use AWS KMS to create, rotate, and disable encryption keys for various AWS services, including RDS and EBS, to ensure data security.

Comparing the other options:

  • A. AWS Lambda: AWS Lambda is a serverless compute service. While it can be used to execute code in response to events, it’s not specifically designed for providing encryption at rest for RDS or EBS volumes.
  • C. AWS WAF: AWS WAF (Web Application Firewall) is used to protect web applications from various types of attacks. It’s not related to encryption at rest for RDS or EBS volumes.
  • D. Amazon Rekognition: Amazon Rekognition is a service for image and video analysis. It’s not related to providing encryption at rest for RDS or EBS volumes.

In summary, AWS Key Management Service (AWS KMS) is the correct choice for providing encryption at rest for both Amazon RDS and Amazon EBS volumes.

Which AWS service provides encryption for Amazon RDS and EBS volumes?

Amazon AWS Certified Cloud Practitioner CLF-C02 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Amazon AWS Certified Cloud Practitioner CLF-C02 exam and earn Amazon AWS Certified Cloud Practitioner CLF-C02 certification.