Q50 — AWS SOA-C02 Ch.1

Question 50 of 100 | ← Chapter 1

An organization created an Amazon Elastic File System (Amazon EFS) volume with a file system ID of fs-85ba41fc, and it is actively used by 10 Amazon EC2 hosts. The organization has become concerned that the file system is not encrypted. How can this be resolved?

Correct Answer: D. Enable encryption on a newly created volume and copy all data from the original volume. Reconnect each host to the new volume.

Explanation

Amazon EFS加密功能仅在文件系统创建时启用,无法对现有未加密的文件系统直接启用加密(AWS文档明确指出加密配置不可修改)。选项D描述了正确的解决方案:创建新加密文件系统,复制数据后重新挂载。其他选项涉及错误的加密对象(如本地驱动器或连接配置)或尝试修改现有卷加密状态,均不符合EFS加密的实现机制。