AmazonAmazon
SCS-C02 · Question #454
SCS-C02 Question #454: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C02 to reveal the answer and full explanation for question #454. The question stem and answer options stay visible for context.
Submitted by fatema_kw· Mar 6, 2026
Question
A company stores sensitive data in an Amazon S3 bucket. The company encrypts the data at rest by using server-side encryption with Amazon S3 managed keys (SSE-S3). A security engineer must prevent any modifications to the data in the S3 bucket. Which solution will meet this requirement?
Options
- AConfigure S3 bucket policies to deny DELETE and PUT object permissions.
- BConfigure S3 Object Lock in compliance mode with S3 bucket versioning enabled.
- CChange the encryption on the S3 bucket to use AWS Key Management Service (AWS KMS)
- DConfigure the S3 bucket with multi-factor authentication (MFA) delete protection.
Unlock SCS-C02 to see the answer
You've previewed enough free SCS-C02 questions. Unlock SCS-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.