AWS Certified SysOps Administrator SOA-C01 – Question487 - AWS Certified SysOps Administrator SOA-C01

A company wants to review the security requirements of Glacier. Which of the below mentioned statements is true with respect to the AWS Glacier data security?

A. The user can set the serverside encryption flag to encrypt the data stored on Glacier.
B. All data stored on Glacier is protected with AES-256 server-side encryption.
C. All data stored on Glacier is protected with AES-128 server-side encryption.
D. The data stored on Glacier is not encrypted by default.

Correct Answer: B

Explanation:

Explanation: For Amazon Web Services, all the data stored on Amazon Glacier is protected using serverside encryption. AWS generates separate unique encryption keys for each Amazon Glacier archive, and en-crypts
it using AES-256. The encryption key then encrypts itself using AES-256 with a master key that is stored in a secure location. Reference: https://aws.amazon.com/glacier/faqs/