SAA-C03 · Question #117
SAA-C03 Question #117: Real Exam Question with Answer & Explanation
Sign in or unlock SAA-C03 to reveal the answer and full explanation for question #117. The question stem and answer options stay visible for context.
Question
A company has Amazon EC2 instances in multiple AWS Regions. The instances all store and retrieve confidential data from the same Amazon S3 bucket. The company wants to improve the security of its current architecture. The company wants to ensure that only the Amazon EC2 instances within its VPC can access the S3 bucket. The company must block all other access to the bucket. Which solution will meet this requirement?
Options
- AUse IAM policies to restrict access to the S3 bucket.
- BUse server-side encryption (SSE) to encrypt data in the S3 bucket at rest. Store the encryption
- CCreate a VPC endpoint for Amazon S3. Configure an S3 bucket policy to allow connections only
- DUse AWS Key Management Service (AWS KMS) with customer-managed keys to encrypt the
Unlock SAA-C03 to see the answer
You've previewed enough free SAA-C03 questions. Unlock SAA-C03 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.