ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Cloud Practitioner All Questions

View all questions & answers for the AWS Certified Cloud Practitioner exam
Go to Exam

Exam AWS Certified Cloud Practitioner topic 1 question 871 discussion

Exam question from Amazon's AWS Certified Cloud Practitioner
Question #: 871
Topic #: 1
[All AWS Certified Cloud Practitioner Questions]

A developer wants to use an Amazon S3 bucket to store application logs that contain sensitive data.

Which AWS service or feature should the developer use to restrict read and write access to the S3 bucket?

  • A. Security groups
  • B. Amazon CloudWatch
  • C. AWS CloudTrail
  • D. ACLs
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by grzeev at June 12, 2023, 9:40 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Zonci
Highly Voted 1 year, 10 months ago
Selected Answer: D
D. ACLs (Access Control Lists) Access Control Lists (ACLs) in Amazon S3 allow you to control access to your S3 resources at a more granular level. With ACLs, you can specify individual permissions for different AWS accounts or groups of accounts. By configuring the ACLs for the S3 bucket, the developer can restrict read and write access to only authorized entities, ensuring the security of the sensitive application logs. Security groups (option A) are used for controlling inbound and outbound traffic to EC2 instances, not for controlling access to S3 buckets. Amazon CloudWatch (option B) is a monitoring service, and AWS CloudTrail (option C) is a service for logging and tracking API activity within your AWS account, but they are not directly related to restricting access to S3 buckets.
upvoted 6 times
...
atom101
Most Recent 1 year, 7 months ago
Selected Answer: D
Answer D: ACLs "Amazon S3 access control lists (ACLs) enable you to manage access to buckets and objects. Each bucket and object has an ACL attached to it as a subresource. It defines which AWS accounts or groups are granted access and the type of access. When a request is received against a resource, Amazon S3 checks the corresponding ACL to verify that the requester has the necessary access permissions." https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html Answer A is wrong because a security group acts as a firewall that controls the traffic allowed to and from the resources in your virtual private cloud (VPC). Answer B is wrong because Amazon CloudWatch monitors your AWS resources and the applications you run on AWS in real time. Answer C is wrong because CloudTrail monitors actions taken by a user or a role as an event. It does not prevent users or roles from performing certain actions.
upvoted 1 times
...
Pranava_GCP
1 year, 9 months ago
Selected Answer: D
D. ACLs
upvoted 1 times
...
arjundeepti
1 year, 9 months ago
D is the Answer
upvoted 1 times
...
jahmad0730
1 year, 9 months ago
D ACLS
upvoted 1 times
...
grzeev
1 year, 10 months ago
Selected Answer: D
Amazon S3 access control lists (ACLs) enable you to manage access to S3 buckets and objects. Every S3 bucket and object has an ACL attached to it as a subresource. The ACLs define which AWS accounts or groups are granted access along with the type of access c
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago