It is theoretically possible to encrypt the /boot partition as well, but the booting process become weird and tricky, and is therefore not recommended.
It is also theoretically possible to encrypt the swap area and still use hibernation, but again, is not recommended, because hibernation is insecure by nature.
