SAA-C03 · Question #685
SAA-C03 Question #685: Real Exam Question with Answer & Explanation
The correct answer is A: Enable the versioning and MFA Delete features on the S3 bucket.. This will secure the audit documents by providing an additional layer of protection against accidental deletion. With versioning enabled, any deleted or overwritten objects in the S3 bucket will be preserved as previous versions, allowing the company to recover them if needed. Wi
Question
A company uses Amazon S3 to store its confidential audit documents. The S3 bucket uses bucket policies to restrict access to audit team IAM user credentials according to the principle of least privilege. Company managers are worried about accidental deletion of documents in the S3 bucket and want a more secure solution. What should a solutions architect do to secure the audit documents?
Options
- AEnable the versioning and MFA Delete features on the S3 bucket.
- BEnable multi-factor authentication (MFA) on the IAM user credentials for each audit team IAM
- CAdd an S3 Lifecycle policy to the audit team's IAM user accounts to deny the s3:DeleteObject
- DUse AWS Key Management Service (AWS KMS) to encrypt the S3 bucket and restrict audit team
Explanation
This will secure the audit documents by providing an additional layer of protection against accidental deletion. With versioning enabled, any deleted or overwritten objects in the S3 bucket will be preserved as previous versions, allowing the company to recover them if needed. With MFA Delete enabled, any delete request made to the S3 bucket will require the use of an MFA code, which provides an additional layer of security.
Community Discussion
No community discussion yet for this question.