What encryption method protects all of a system's data at rest?

Whole-instance encryption is the correct answer because it involves encrypting all the data stored on a system, ensuring comprehensive protection for all files and information at rest. This method is particularly effective as it encrypts everything within the instance, including the operating system, applications, and user data, thus providing a more holistic security approach.

In contrast, file-level encryption only secures specific files or folders rather than the entire storage volume. While this method offers targeted protection, it doesn’t provide the same level of coverage as whole-instance encryption. Secure Sockets Layer (SSL) is primarily used for securing data in transit, not data at rest, and is therefore not applicable to this question. Data-at-rest encryption is a broader term that can encompass various methods, including whole-instance encryption, but does not specify the comprehensive nature of whole-instance encryption itself. Thus, while other options might offer some form of protection, whole-instance encryption is the most effective method for protecting all data at rest within a system.