exam questions

Exam AWS Certified Solutions Architect - Professional All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional exam

Exam AWS Certified Solutions Architect - Professional topic 1 question 746 discussion

A financial company is building a system to generate monthly, immutable bank account statements for its users. Statements are stored in Amazon S3. Users should have immediate access to their monthly statements for up to 2 years. Some users access their statements frequently, whereas others rarely access their statements. The company's security and compliance policy requires that the statements be retained for at least 7 years.
What is the MOST cost-effective solution to meet the company's needs?

  • A. Create an S3 bucket with Object Lock disabled. Store statements in S3 Standard. Define an S3 Lifecycle policy to transition the data to S3 Standard-Infrequent Access (S3 Standard-IA) after 30 days. Define another S3 Lifecycle policy to move the data to S3 Glacier Deep Archive after 2 years. Attach an S3 Glacier Vault Lock policy with deny delete permissions for archives less than 7 years old.
  • B. Create an S3 bucket with versioning enabled. Store statements in S3 Intelligent-Tiering. Use same-Region replication to replicate objects to a backup S3 bucket. Define an S3 Lifecycle policy for the backup S3 bucket to move the data to S3 Glacier. Attach an S3 Glacier Vault Lock policy with deny delete permissions for archives less than 7 years old.
  • C. Create an S3 bucket with Object Lock enabled. Store statements in S3 Intelligent-Tiering. Enable compliance mode with a default retention period of 2 years. Define an S3 Lifecycle policy to move the data to S3 Glacier after 2 years. Attach an S3 Glacier Vault Lock policy with deny delete permissions for archives less than 7 years old.
  • D. Create an S3 bucket with versioning disabled. Store statements in S3 One Zone-Infrequent Access (S3 One Zone-IA). Define an S3 Lifecycle policy to move the data to S3 Glacier Deep Archive after 2 years. Attach an S3 Glacier Vault Lock policy with deny delete permissions for archives less than 7 years old.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Jaypdv
Highly Voted 3 years, 1 month ago
C. Object lock and compliance mode: https://aws.amazon.com/about-aws/whats-new/2018/11/s3-object-lock/. The rest makes the most sense
upvoted 18 times
...
ajchi1980
Most Recent 1 year, 5 months ago
Selected Answer: D
S3 Storage Class: Storing the statements in S3 One Zone-IA is cost-effective compared to S3 Standard or S3 Intelligent-Tiering. S3 One Zone-IA offers a lower storage cost but doesn't provide the same level of data durability as S3 Standard or S3 Intelligent-Tiering. However, the company can tolerate the reduced durability because the statements are also stored in Glacier for long-term retention. Lifecycle Policy: By defining an S3 Lifecycle policy to move the data to S3 Glacier Deep Archive after 2 years, the company can take advantage of the significantly lower storage cost of Glacier Deep Archive. This reduces the overall storage costs for the older statements that are rarely accessed. Glacier Vault Lock: Attaching an S3 Glacier Vault Lock policy with deny delete permissions for archives less than 7 years old ensures compliance with the company's security and compliance policy. It prevents the deletion of any statement archives before the 7-year retention period expires.
upvoted 1 times
...
KennethTam
2 years, 8 months ago
Selected Answer: C
C is correct
upvoted 2 times
...
AzureDP900
2 years, 12 months ago
C is right answer
upvoted 2 times
...
cldy
2 years, 12 months ago
C. Create an S3 bucket with Object Lock enabled. Store statements in S3 Intelligent-Tiering. Enable compliance mode with a default retention period of 2 years. Define an S3 Lifecycle policy to move the data to S3 Glacier after 2 years. Attach an S3 Glacier Vault Lock policy with deny delete permissions for archives less than 7 years old.
upvoted 1 times
...
acloudguru
3 years ago
Selected Answer: C
C https://aws.amazon.com/about-aws/whats-new/2018/11/s3-object-lock/. The rest makes the most sense
upvoted 3 times
...
andylogan
3 years, 1 month ago
It's C
upvoted 1 times
...
Liongeek
3 years, 1 month ago
CCC because of Object lock
upvoted 2 times
...
tgv
3 years, 1 month ago
CCC ---
upvoted 1 times
...
blackgamer
3 years, 1 month ago
It is C
upvoted 1 times
...
Suresh108
3 years, 1 month ago
CCCCC -- 'object lock enabled'
upvoted 1 times
...
WhyIronMan
3 years, 1 month ago
I'll go with C, you convinced me
upvoted 2 times
...
vimgoru24
3 years, 1 month ago
C is far superior than any other answer
upvoted 1 times
...
hk436
3 years, 1 month ago
C is my answer!!
upvoted 1 times
...
vkbajoria
3 years, 1 month ago
C. if you don't know Object lock and compliance mode, you will surely get it wrong like I did. https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-overview.html
upvoted 3 times
...
Waiweng
3 years, 1 month ago
it's C
upvoted 3 times
...
beebatov
3 years, 1 month ago
Answer: C S3 Object Lock protection is maintained regardless of which storage class the object resides in and throughout S3 Lifecycle transitions between storage classes.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...