AmazonAmazon
SCS-C02 · Question #145
SCS-C02 Question #145: Real Exam Question with Answer & Explanation
The correct answer is C: Enable the PublicAccessBlock configuration on the S3 bucket. Configure an SCP to deny the. https://aws.amazon.com/s3/features/block-public-access/?nc1=h_ls
Submitted by renata2k· Mar 6, 2026
Question
A company has AWS accounts that are in an organization in AWS Organizations. An Amazon S3 bucket in one of the accounts is publicly accessible. A security engineer must change the configuration so that the S3 bucket is no longer publicly accessible. The security engineer also must ensure that the S3 bucket cannot be made publicly accessible in the future. Which solution will meet these requirements?
Options
- AConfigure the S3 bucket to use an AWS Key Management Service (AWS KMS) key. Encrypt all
- BEnable the PublicAccessBlock configuration on the S3 bucket. Configure an SCP to deny the
- CEnable the PublicAccessBlock configuration on the S3 bucket. Configure an SCP to deny the
- DConfigure the S3 bucket to use S3 Object Lock in governance mode. Configure an SCP to deny
Explanation
https://aws.amazon.com/s3/features/block-public-access/?nc1=h_ls
Community Discussion
No community discussion yet for this question.