A company uses Amazon S3 to store its confidential audit documents. The S3 bucket uses bucket policies to restrict access to audit team IAM user credentials according to the principle of least privilege. Company managers are worried about accidental deletion of documents in the S3 bucket and want a more secure solution. What should a solutions architect do to secure the audit documents?
A) Enable the versioning and MFA Delete features on the S3 bucket.
B) Enable multi-factor authentication (MFA) on the IAM user credentials for each audit team IAM user account.
C) Add an S3 Lifecycle policy to the audit team's IAM user accounts to deny the s3:DeleteObject action during audit dates.
D) Use AWS Key Management Service (AWS KMS) to encrypt the S3 bucket and restrict audit team IAM user accounts from accessing the KMS key.
Correct Answer:
Verified
Q170: A company runs an application on an
Q171: A company is hosting 60 TB of
Q172: A company has an on-premises volume backup
Q173: A company is backing up on-premises databases
Q174: A company owns an asynchronous API that
Q176: A solutions architect is designing a new
Q177: A company has developed a microservices application.
Q178: The financial application at a company stores
Q179: A company is developing an ecommerce application
Q180: A company serves a multilingual website from
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents