DEA-C01 · Question #19
DEA-C01 Question #19: Real Exam Question with Answer & Explanation
Sign in or unlock DEA-C01 to reveal the answer and full explanation for question #19. The question stem and answer options stay visible for context.
Question
A company has five offices in different AWS Regions. Each office has its own human resources (HR) department that uses a unique IAM role. The company stores employee records in a data lake that is based on Amazon S3 storage. A data engineering team needs to limit access to the records. Each HR department should be able to access records for only employees who are within the HR department's Region. Which combination of steps should the data engineering team take to meet this requirement with the LEAST operational overhead? (Choose two.)
Options
- AUse data filters for each Region to register the S3 paths as data locations.
- BRegister the S3 path as an AWS Lake Formation location.
- CModify the IAM roles of the HR departments to add a data filter for each department's Region.
- DEnable fine-grained access control in AWS Lake Formation. Add a data filter for each Region.
- ECreate a separate S3 bucket for each Region. Configure an IAM policy to allow S3 access.
Unlock DEA-C01 to see the answer
You've previewed enough free DEA-C01 questions. Unlock DEA-C01 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.