Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty SCS-C02 All Questions

View all questions & answers for the AWS Certified Security - Specialty SCS-C02 exam
Go to Exam

Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 102 discussion

Exam question from Amazon's AWS Certified Security - Specialty SCS-C02
Question #: 102
Topic #: 1
[All AWS Certified Security - Specialty SCS-C02 Questions]

A security engineer needs to implement a write-once-read-many (WORM) model for data that a company will store in Amazon S3 buckets. The company uses the S3 Standard storage class for all of its S3 buckets. The security engineer must ensure that objects cannot be overwritten or deleted by any user, including the AWS account root user.

Which solution will meet these requirements?

  • A. Create new S3 buckets with S3 Object Lock enabled in compliance mode. Place objects in the S3 buckets.
  • B. Use S3 Glacier Vault Lock to attach a Vault Lock policy to new S3 buckets. Wait 24 hours to complete the Vault Lock process. Place objects in the S3 buckets.
  • C. Create new S3 buckets with S3 Object Lock enabled in governance mode. Place objects in the S3 buckets.
  • D. Create new S3 buckets with S3 Object Lock enabled in governance mode. Add a legal hold to the S3 buckets. Place objects in the S3 buckets.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by oioi at Nov. 23, 2023, 9:56 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
Jamshif01
8 months, 2 weeks ago
A https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html
upvoted 1 times
...
confusedyeti69
10 months ago
Selected Answer: A
In compliance mode, a protected object version can't be overwritten or deleted by any user, including the root user in your AWS account. When an object is locked in compliance mode, its retention mode can't be changed, and its retention period can't be shortened. Compliance mode helps ensure that an object version can't be overwritten or deleted for the duration of the retention period. In governance mode, users can't overwrite or delete an object version or alter its lock settings unless they have special permissions. With governance mode, you protect objects against being deleted by most users, but you can still grant some users permission to alter the retention settings or delete the objects if necessary. You can also use governance mode to test retention-period settings before creating a compliance-mode retention period.
upvoted 4 times
...
kejam
10 months, 1 week ago
Selected Answer: A
https://aws.amazon.com/s3/features/object-lock/
upvoted 2 times
...
Aamee
10 months, 2 weeks ago
Selected Answer: A
Option A would work in this usecase.
upvoted 1 times
...
[Removed]
10 months, 2 weeks ago
Selected Answer: A
A rings the most bells
upvoted 1 times
...
oioi
10 months, 2 weeks ago
Selected Answer: A
coorect
upvoted 1 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel