AWS Certified SysOps Administrator – Associate (legacy) — Question 795

What does the Server-side encryption provide in Amazon S3?

Answer options

• A. Server-side encryption doesn't exist for Amazon S3, but only for Amazon EC2.
• B. Server-side encryption protects data at rest using Amazon S3-managed encryption keys (SSE-S3).
• C. Server-side encryption provides an encrypted virtual disk in the cloud.
• D. Server-side encryption allows to upload files using an SSL endpoint for a secure transfer.

Correct answer: B

Explanation

Server-side encryption in Amazon S3 protects data at rest, and SSE-S3 specifically uses keys managed by Amazon S3 to perform this encryption automatically. Option A is incorrect because S3 fully supports server-side encryption, while option C describes block-level storage encryption rather than object storage. Option D is incorrect because SSL endpoints protect data in transit, not data at rest.