DOP-C02 · Question #381
DOP-C02 Question #381: Real Exam Question with Answer & Explanation
Sign in or unlock DOP-C02 to reveal the answer and full explanation for question #381. The question stem and answer options stay visible for context.
Question
A company uses an organization in AWS Organizations to manage many AWS accounts. The company has enabled all features for the organization. The company uses AWS CloudFormation StackSets to deploy configurations to the accounts. The company uses AWS Config to monitor an Amazon S3 bucket. The company needs to ensure that all object uploads to the S3 bucket use AWS Key Management Service (AWS KMS) encryption. Which solution will meet these requirements?
Options
- ACreate an AWS Config conformance pack that includes the s3-bucket-server-side-encryption-
- BCreate an SCP that includes a deny statement for the s3:createBucket action and a condition
- CCreate an AWS CloudFormation stack set to enable an AWS CloudTrail trail to capture S3 data
- DCreate an SCP that includes a deny statement for the s3:putObject action and a condition where
Unlock DOP-C02 to see the answer
You've previewed enough free DOP-C02 questions. Unlock DOP-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.