CompTIA Cloud+ (CV0-003) — Question 177

A systems administrator is informed that a database server containing PHI and PII is unencrypted. The environment does not support VM encryption, nor does it have a key management system. The server needs to be able to be rebooted for patching without manual intervention. Which of the following will BEST resolve this issue?

Answer options

• A. Ensure all database queries are encrypted.
• B. Create an IPSec tunnel between the database server and its clients.
• C. Enable protocol encryption between the storage and the hypervisor.
• D. Enable volume encryption on the storage.
• E. Enable OS encryption.

Correct answer: D

Explanation

Enabling volume encryption on the storage (option D) is the most effective solution because it protects the data at rest without requiring manual intervention during reboots. The other options do not provide encryption for the stored data directly or do not meet the requirement for rebooting without manual steps.