SOA-C03 · Question #79
SOA-C03 Question #79: Real Exam Question with Answer & Explanation
The correct answer is B: Enable S3 Object Lock on a new S3 bucket in compliance mode. Place all backups in the new S3. S3 Object Lock in compliance mode prevents any user, including the root user, from deleting or modifying objects during the retention period. This guarantees that backups remain undeletable for the required 3 months. Object Lock must be enabled when the bucket is created, and com
Question
A company is storing backups in an Amazon S3 bucket. The backups must not be deleted for at least 3 months after the backups are created. What should a CloudOps engineer do to meet this requirement?
Options
- AConfigure an IAM policy that denies the s3:DeleteObject action for all users. Three months after
- BEnable S3 Object Lock on a new S3 bucket in compliance mode. Place all backups in the new S3
- CEnable S3 Versioning on the existing S3 bucket. Configure S3 Lifecycle rules to protect the
- DEnable S3 Object Lock on a new S3 bucket in governance mode. Place all backups in the new S3
Explanation
S3 Object Lock in compliance mode prevents any user, including the root user, from deleting or modifying objects during the retention period. This guarantees that backups remain undeletable for the required 3 months. Object Lock must be enabled when the bucket is created, and compliance mode ensures regulatory-grade protection.
Community Discussion
No community discussion yet for this question.