exam questions

Exam AWS Certified Security - Specialty SCS-C02 All Questions

View all questions & answers for the AWS Certified Security - Specialty SCS-C02 exam

Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 60 discussion

A company has a new partnership with a vendor. The vendor will process data from the company's customers. The company will upload data files as objects into an Amazon S3 bucket. The vendor will download the objects to perform data processing. The objects will contain sensitive data.
A security engineer must implement a solution that prevents objects from residing in the S3 bucket for longer than 72 hours.
Which solution will meet these requirements?

  • A. Use Amazon Macie to scan the S3 bucket for sensitive data every 72 hours. Configure Macie to delete the objects that contain sensitive data when they are discovered.
  • B. Configure an S3 Lifecycle rule on the S3 bucket to expire objects that have been in the S3 bucket for 72 hours.
  • C. Create an Amazon EventBridge scheduled rule that invokes an AWS Lambda function every day. Program the Lambda function to remove any objects that have been in the S3 bucket for 72 hours.
  • D. Use the S3 Intelligent-Tiering storage class for all objects that are uploaded to the S3 bucket. Use S3 Intelligent-Tiering to expire objects that have been in the $3 bucket for 72 hours.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
100fold
Highly Voted 1 year, 1 month ago
Selected Answer: B
B https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html https://docs.aws.amazon.com/AmazonS3/latest/userguide/how-to-set-lifecycle-configuration-intro.html
upvoted 6 times
...
navid1365
Most Recent 6 months, 3 weeks ago
Selected Answer: B
For sure it's B.
upvoted 1 times
...
Raphaello
9 months, 2 weeks ago
Selected Answer: B
Correct answer is B. The question tries to trick to select Macie, since data contains sensitive data, but Macie discover and classify data, and send findings to SecurityHub or EventBridge for any action that might be needed. It does NOT delete objects. Another thing is that S3 object lifecycle is used for 2 roles, both transition and EXPIRATION of objects. B is the correct answer.
upvoted 1 times
...
Aamee
1 year ago
Selected Answer: B
B is self-explanatory and sufficient.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...