Dell EMC Specialist – Systems Administrator, ECS — Question 15

What is a difference between vSAN Data-In-Transit Encryption and vSAN Data-At-Rest-Encryption?

Answer options

• A. Data-In-Transit Encryption: Encrypts traffic between VMs and the VxRail nodes Data-At-Rest Encryption: Encrypts traffic between VxRail nodes only
• B. Data-In-Transit Encryption: Does not require a Key Management Server Data-At-Rest Encryption: Requires a Key Management Server
• C. Data-In-Transit Encryption: Key Management Server must reside on the vSAN cluster Data-At-Rest Encryption: Key Management Server can reside on the vSAN cluster
• D. Data-In-Transit Encryption: Addresses fear of media theft Data-At-Rest Encryption: Addresses fear of rogue administrators

Correct answer: A

Explanation

The correct answer is A because Data-In-Transit Encryption protects the data as it moves between VMs and VxRail nodes, while Data-At-Rest Encryption secures data only within the VxRail nodes. The other options describe incorrect requirements or scopes for the encryption types.