Which statement best explains why encryption in transit and at rest is important in deployments?

• A. Encryption slows down deployment pipelines; it's optional in production.
• B. Protect data from interception and unauthorized access; use TLS and encryption keys.
• C. It guarantees zero downtime during deployments.
• D. It eliminates the need for access controls.

Answer: (B)

The main idea here is that protecting data both as it moves and while it’s stored is essential in deployments. Data traveling between services can be intercepted or tampered with, and data at rest—on disks, in databases, or in logs—can be exposed if storage is compromised. Encryption in transit, typically via TLS, prevents eavesdropping and tampering during network communication. Encryption at rest protects stored data by making it unreadable without the proper keys, so even if someone gains access to the storage, the data remains protected. Key management is a critical companion: securely storing, rotating, and restricting who can use encryption keys ensures that only authorized systems and people can decrypt what’s protected. Together, these practices address real security risks in deployment environments and support regulatory and privacy requirements. The other statements misstate the role of encryption (it isn’t optional in production), its impact on downtime (it doesn’t guarantee zero downtime), or it suggests it replaces access controls (it doesn’t).