{"id":821,"date":"2022-02-07T05:52:47","date_gmt":"2022-02-07T05:52:47","guid":{"rendered":"https:\/\/exampracticetests.com\/aws\/Solutions_Architect-Professional_SAP-C01\/aws-certified-solutions-architect-professional-sap-c01-question808\/"},"modified":"2022-02-07T05:52:47","modified_gmt":"2022-02-07T05:52:47","slug":"aws-certified-solutions-architect-professional-sap-c01-question808","status":"publish","type":"post","link":"https:\/\/exampracticetests.com\/aws\/Solutions_Architect-Professional_SAP-C01\/aws-certified-solutions-architect-professional-sap-c01-question808\/","title":{"rendered":"AWS Certified Solutions Architect &#8211; Professional SAP-C01 &#8211; Question808"},"content":{"rendered":"<div class=\"question\">A company has multiple AWS accounts. The company recently had a security audit that revealed many unencrypted Amazon Elastic Block Store (Amazon EBS) volumes attached to Amazon EC2 instances.<br \/>\nA solutions architect must encrypt the unencrypted volumes and ensure that unencrypted volumes will be detected automatically in the future. Additionally, the company wants a solution that can centrally manage multiple AWS accounts with a focus on compliance and security.<br \/>\nWhich combination of steps should the solutions architect take to meet these requirements? (Choose two.)<br \/><strong><br \/>A.<\/strong> Create an organization in AWS Organizations. Set up AWS Control Tower, and turn on the strongly recommended guardrails. Join all accounts to the organization. Categorize the AWS accounts into OUs.<br \/><strong>B.<\/strong> Use the AWS CLI to list all the unencrypted volumes in all the AWS accounts. Run a script to encrypt all the unencrypted volumes in place.<br \/><strong>C.<\/strong> Create a snapshot of each unencrypted volume. Create a new encrypted volume from the unencrypted snapshot. Detach the existing volume, and replace it with the encrypted volume.<br \/><strong>D.<\/strong> Create an organization in AWS Organizations. Set up AWS Control Tower, and turn on the mandatory guardrails. Join all accounts to the organization. Categorize the AWS accounts into OUs.<br \/><strong>E.<\/strong> Turn on AWS CloudTrail. Configure an Amazon EventBridge (Amazon CloudWatch Events) rule to detect and automatically encrypt unencrypted volumes.<\/div>\n<p><\/p>\n<style> .hidden-div{ display:none } <\/style>\n<p>\t\t\t\t\t\t\t<button onclick=\"getElementById('hidden-div').style.display = 'block'\"> Show Answer <\/button> <button onclick=\"getElementById('hidden-div').style.display = 'none'\">Hide Answer<\/button><\/p>\n<div class=\"hidden-div\" id=\"hidden-div\"><span style=\"\"><\/p>\n<div class=\"answer\">Correct Answer: <strong>AC<\/strong><\/div>\n<p><strong>Explanation:<\/strong> <\/p>\n<div class=\"explanation\">\nReference: <a href=\"https:\/\/docs.aws.amazon.com\/controltower\/latest\/userguide\/guardrails.html\" title=\"External link\" rel=\"nofollow noopener\" target=\"_blank\">https:\/\/docs.aws.amazon.com\/controltower\/latest\/userguide\/guardrail&#8230;<\/a><br \/>\n<a href=\"https:\/\/aws.amazon.com\/premiumsupport\/knowledge-center\/create-unencrypted-volume-kms-key\/\" title=\"External link\" rel=\"nofollow noopener\" target=\"_blank\">https:\/\/aws.amazon.com\/premiumsupport\/knowledge-center\/create-unenc&#8230;<\/a><\/div>\n<p><\/strong><\/span> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>A company has multiple AWS accounts. The company recently had a security audit that revealed many unencrypted Amazon Elastic Block Store (Amazon EBS) volumes attached to Amazon EC2 instances. A solutions architect must encrypt the unencrypted volumes and ensure that unencrypted volumes will be detected automatically in the future. Additionally, the company wants a solution [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3,811],"class_list":["post-821","post","type-post","status-publish","format-standard","hentry","category-aws-certified-solutions-architect-professional-sap-c01","tag-aws-certified-solutions-architect-professional-sap-c01","tag-question-808"],"_links":{"self":[{"href":"https:\/\/exampracticetests.com\/aws\/Solutions_Architect-Professional_SAP-C01\/wp-json\/wp\/v2\/posts\/821","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/exampracticetests.com\/aws\/Solutions_Architect-Professional_SAP-C01\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/exampracticetests.com\/aws\/Solutions_Architect-Professional_SAP-C01\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/aws\/Solutions_Architect-Professional_SAP-C01\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/aws\/Solutions_Architect-Professional_SAP-C01\/wp-json\/wp\/v2\/comments?post=821"}],"version-history":[{"count":0,"href":"https:\/\/exampracticetests.com\/aws\/Solutions_Architect-Professional_SAP-C01\/wp-json\/wp\/v2\/posts\/821\/revisions"}],"wp:attachment":[{"href":"https:\/\/exampracticetests.com\/aws\/Solutions_Architect-Professional_SAP-C01\/wp-json\/wp\/v2\/media?parent=821"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/exampracticetests.com\/aws\/Solutions_Architect-Professional_SAP-C01\/wp-json\/wp\/v2\/categories?post=821"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/exampracticetests.com\/aws\/Solutions_Architect-Professional_SAP-C01\/wp-json\/wp\/v2\/tags?post=821"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}