Auditors for a health care company have mandated that all data volumes by encrypted at rest. Infrastructure is deployed mainly via AWS CloudFormation: however, third-party frameworks and manual deployment are required on some legacy systems. What is the BEST way to monitor, on a recurring basis, whether all EBS volumes are encrypted?
A) On a recurring basis, update all IAM user policies to require that EC2 instances are created with an encrypted volume.
B) Configure an AWS Config rule to run on a recurring basis for volume encryption.
C) Set up Amazon Inspector rules for volume encryption to run on a recurring schedule.
D) Use CloudWatch Logs to determine whether instances were created with an encrypted volume.
Correct Answer:
Verified
Q91: A company has decided to migrate sensitive
Q92: A Development team has built an experimental
Q93: A company became aware that one of
Q94: An Amazon EC2 instance is denied access
Q95: A Security Engineer signed in to the
Q97: A company has several workloads running on
Q98: A company has a customer master key
Q99: The Security Engineer implemented a new vault
Q100: A company requires that SSH commands used
Q101: A Systems Engineer is troubleshooting the connectivity
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents