SOA-C02 · Question #159
SOA-C02 Question #159: Real Exam Question with Answer & Explanation
Sign in or unlock SOA-C02 to reveal the answer and full explanation for question #159. The question stem and answer options stay visible for context.
Question
A SysOps administrator is reviewing AWS Trusted Advisor warnings and encounters a warning for an S3 bucket policy that has open access permissions. While discussing the issue the bucket owner, the administrator realizes the S3 bucket is an origin for an Amazon CloudFront web distribution. Which action should the administrator take to ensure that users access objects in Amazon S3 by using only CloudFront URLs?
Options
- AEncrypt the S3 bucket content with Server-Side Encryption with Amazon S3-Managed Keys
- BCreate an origin access identity and grant it permissions to read objects in the S3 bucket.
- CAssign an IAM user to the CloudFront distribution and grant the user permissions in the S3 bucket
- DAssign an IAM role to the CloudFront distribution and grant the role permissions in the S3 bucket
Unlock SOA-C02 to see the answer
You've previewed enough free SOA-C02 questions. Unlock SOA-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.