A Security Administrator has a website hosted in Amazon S3. The Administrator has been given the following requirements: Users may access the website by using an Amazon CloudFront distribution. Users may not access the website directly by using an Amazon S3 URL. Which configurations will support these requirements? (Choose two.)
A) Associate an origin access identity with the CloudFront distribution.
B) Implement a "Principal": "cloudfront.amazonaws.com" condition in the S3 bucket policy. Implement a "Principal": "cloudfront.amazonaws.com" condition in the S3 bucket policy.
C) Modify the S3 bucket permissions so that only the origin access identity can access the bucket contents.
D) Implement security groups so that the S3 bucket can be accessed only by using the intended CloudFront distribution.
E) Configure the S3 bucket policy so that it is accessible only through VPC endpoints, and place the CloudFront distribution into the specified VPC.
Correct Answer:
Verified
Q2: During a recent internal investigation, it was
Q3: A Security Engineer has created an Amazon
Q4: An organization wants to deploy a three-tier
Q5: An application has a requirement to be
Q6: A Security Engineer must design a solution
Q8: A water utility company uses a number
Q9: A threat assessment has identified a risk
Q10: An organization has a system in AWS
Q11: An organization policy states that all encryption
Q12: A company will store sensitive documents in
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents