ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty SCS-C02 All Questions

View all questions & answers for the AWS Certified Security - Specialty SCS-C02 exam
Go to Exam

Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 149 discussion

Exam question from Amazon's AWS Certified Security - Specialty SCS-C02
Question #: 149
Topic #: 1
[All AWS Certified Security - Specialty SCS-C02 Questions]

A company needs a solution to protect critical data from being permanently deleted. The data is stored in Amazon S3 buckets.

The company needs to replicate the S3 objects from the company's primary AWS Region to a secondary Region to meet disaster recovery requirements. The company must also ensure that users who have administrator access cannot permanently delete the data in the secondary Region.

Which solution will meet these requirements?

  • A. Configure AWS Backup to perform cross-Region S3 backups. Select a backup vault in the secondary Region. Enable AWS Backup Vault Lock in governance mode for the backups in the secondary Region.
  • B. Implement S3 Object Lock in compliance mode in the primary Region. Configure S3 replication to replicate the objects to an S3 bucket in the secondary Region.
  • C. Configure S3 replication to replicate the objects to an S3 bucket in the secondary Region. Create an S3 bucket policy to deny the s3:ReplicateDelete action on the S3 bucket in the secondary Region.
  • D. Configure S3 replication to replicate the objects to an S3 bucket in the secondary Region. Configure S3 object versioning on the S3 bucket in the secondary Region.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Zek at May 13, 2024, 10:18 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Zek
Highly Voted 11 months, 2 weeks ago
B https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-managing.html#object-lock-managing-replication
upvoted 6 times
...
youonebe
Most Recent 3 months, 2 weeks ago
Selected Answer: B
S3 Object Lock in compliance mode prevents objects from being deleted or overwritten, even by administrators. This would ensure that once the data is replicated to the secondary Region, it cannot be permanently deleted. Object Lock is a perfect fit for protecting critical data against accidental or malicious deletion.
upvoted 1 times
...
IPLogic
4 months, 3 weeks ago
Selected Answer: B
B. This solution ensures that the data is protected from being permanently deleted by using S3 Object Lock in compliance mode, which prevents even users with administrator access from deleting the objects. Additionally, configuring S3 replication will ensure that the objects are replicated to the secondary Region, meeting the disaster recovery requirements12.
upvoted 1 times
...
NimiBes
5 months, 3 weeks ago
Selected Answer: B
"You can use Object Lock with S3 Replication to enable automatic, asynchronous copying of locked objects and their retention metadata, across S3 buckets. This means that for replicated objects, Amazon S3 takes the object lock configuration of the source bucket. " Link: https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-managing.html#object-lock-managing-replication
upvoted 1 times
...
jade290
10 months, 3 weeks ago
Selected Answer: C
The question is limiting deletion only to the secondary region, not the primary. If you do an Object lock, then you cannot delete in the primary or secondary region. https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-managing.html#object-lock-managing-replication --> Section titled "Using Object Lock with S3 Replication"
upvoted 1 times
helloworldabc
7 months, 1 week ago
just B
upvoted 1 times
...
chiajy
10 months, 3 weeks ago
First glance, wanted to go with C. But after reading the question a few more times, decided to go with B. Earlier statement mentioned company needs to protect critical data. I would assume this already includes primary region. Then later statement mentioned "The company must also ensure...." and that includes secondary region.
upvoted 2 times
...
...
fibonacciname
11 months, 1 week ago
Selected Answer: B
B is correct
upvoted 3 times
...
Certified101
11 months, 1 week ago
Selected Answer: B
B agree
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago