Which of the following best describes a Self-Encrypting Drive (SED)?

A Self-Encrypting Drive (SED) is specifically designed to perform whole disk encryption through built-in hardware capabilities. This means that the encryption process is handled directly by the drive itself, allowing for a seamless integration of security without needing additional software. The hardware-based approach ensures that data is always encrypted when stored, and only decrypted when accessed by authenticated users. This built-in functionality enhances security by minimizing the risk of data exposure and ensures that encryption is consistently applied across the entire disk.

The other options do not adequately describe a Self-Encrypting Drive. For example, requiring external software for encryption does not fit with the design of an SED, as its primary feature is to operate independently of external software. Likewise, describing a RAM module that maintains data confidentiality or a cloud storage solution does not align with the characteristics of SEDs because they are fundamentally about disk-level encryption within physical storage devices rather than the scope of RAM or cloud-based storage solutions.