SAA-C03 · Question #637
SAA-C03 Question #637: Real Exam Question with Answer & Explanation
The correct answer is A: Create an S3 bucket. Enable versioning and S3 Object Lock on the bucket. Configure default. To protect data against ransomware or accidental/malicious deletion, you must enable S3 Object Lock with versioning. Setting the Object Lock in compliance mode ensures that no user - including the root user - can delete or alter data during the retention period. By configuring a
Question
A company wants to store data for a new application in Amazon S3. The company needs a solution to protect the application against ransomware attacks. The solution must block any entity from deleting or altering files that the application creates and uploads to Amazon S3 for 2 years. Which solution will meet these requirements?
Options
- ACreate an S3 bucket. Enable versioning and S3 Object Lock on the bucket. Configure default
- BCreate an S3 bucket. Disable versioning and enable S3 Object Lock on the bucket. Configure
- CCreate an S3 bucket. Disable versioning and enable S3 Object Lock on the bucket. Configure
- DCreate an S3 bucket. Enable versioning and S3 Object Lock on the bucket. Configure legal hold
Explanation
To protect data against ransomware or accidental/malicious deletion, you must enable S3 Object Lock with versioning. Setting the Object Lock in compliance mode ensures that no user - including the root user - can delete or alter data during the retention period. By configuring a default retention period of 2 years, all uploaded objects will be protected for that time, fully meeting the security and immutability requirements.
Community Discussion
No community discussion yet for this question.