AmazonAmazon
SOA-C02 · Question #54
SOA-C02 Question #54: Real Exam Question with Answer & Explanation
Sign in or unlock SOA-C02 to reveal the answer and full explanation for question #54. The question stem and answer options stay visible for context.
Submitted by carlos_mx· Mar 30, 2026Security and Compliance
Question
A company using AWS Organizations requires that no Amazon S3 buckets in its production accounts should ever be deleted. What is the SIMPLEST approach the SysOps administrator can take to ensure S3 buckets in those accounts can never be deleted?
Options
- ASet up MFA Delete on all the S3 buckets to prevent the buckets from being deleted.
- BUse service control policies to deny the s3:DeleteBucket action on all buckets in production
- CCreate an IAM group that has an IAM policy to deny the s3:DeleteBucket action on all buckets in
- DUse AWS Shield to deny the s3:DeleteBucket action on the AWS account instead of all S3
Unlock SOA-C02 to see the answer
You've previewed enough free SOA-C02 questions. Unlock SOA-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#AWS Organizations#Service Control Policies (SCPs)#S3 Security#Access Control