ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty SCS-C02 All Questions

View all questions & answers for the AWS Certified Security - Specialty SCS-C02 exam
Go to Exam

Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 189 discussion

Exam question from Amazon's AWS Certified Security - Specialty SCS-C02
Question #: 189
Topic #: 1
[All AWS Certified Security - Specialty SCS-C02 Questions]

A company uses HTTP Live Streaming (HLS) to stream live video content to paying subscribers by using Amazon CloudFront. HLS splits the video content into chunks so that the user can request the right chunk based on different conditions. Because the video events last for several hours, the total video is made up of thousands of chunks.

The origin URL is not disclosed, and every user is forced to access the CloudFront URL. The company has a web application that authenticates the paying users against an internal repository and a CloudFront key pair that is already issued.

What is the simplest and MOST effective way to protect the content?

  • A. Develop the application to use the CloudFront key pair to create signed URLs that users will use to access the content.
  • B. Develop the application to use the CloudFront key pair to set the signed cookies that users will use to access the content.
  • C. Develop the application to issue a security token that Lambda@Edge will receive to authenticate and authorize access to the content.
  • D. Keep the CloudFront URL encrypted inside the application, and use AWS KMS to resolve the URL on-the-fly after the user is authenticated.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Bad_Mat at Oct. 21, 2024, 4:02 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Kaps443
2 months, 1 week ago
Selected Answer: B
Since HLS (HTTP Live Streaming) breaks the video into many small chunks (thousands per stream), using signed URLs for every chunk (Option A) would be inefficient and hard to manage. Instead, the simplest and most effective solution is to use CloudFront signed cookies (Option B).
upvoted 2 times
...
Pat9595
4 months, 4 weeks ago
Selected Answer: B
B. Develop the application to use the CloudFront key pair to set the signed cookies that users will use to access the content. ✅ Why? HLS uses thousands of chunks per video stream. If you use signed URLs (Option A), the application would need to generate a signed URL for each chunk, creating unnecessary overhead. Signed cookies allow multiple requests to be authenticated with a single authentication step. This is more efficient for streaming, as the client can request all chunks without needing new signed URLs each time. The origin URL is hidden behind CloudFront, ensuring users can only access content through the authorized method.
upvoted 2 times
...
youonebe
5 months, 3 weeks ago
Selected Answer: B
Signed URLs are effective but less efficient than signed cookies for HLS or other scenarios involving many pieces of content. For HLS, where multiple chunks are requested over time, generating signed URLs for each request could become cumbersome and inefficient. Signed cookies are a more scalable solution in such cases. Signed cookies allow the application to grant access to multiple pieces of content (like thousands of video chunks in the case of HLS) without needing to generate signed URLs for each request. This is especially useful for cases where there are many content requests, such as when streaming video or serving large amounts of data that would involve many individual URLs (as in HLS).
upvoted 2 times
...
TareDHakim
5 months, 3 weeks ago
Selected Answer: A
is is MOST efficient A using Signed URLs work well for single object access but are inefficient for HLS, which involves thousands of chunk requests. Generating a unique signed URL for each chunk is operationally complex and may degrade performance.
upvoted 1 times
...
sendjawemail
5 months, 4 weeks ago
Selected Answer: B
For HLS content, use signed cookies https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-choosing-signed-urls-cookies.html
upvoted 3 times
...
IPLogic
6 months, 3 weeks ago
Selected Answer: A
The simplest and most effective way to protect the content is: A. Develop the application to use the CloudFront key pair to create signed URLs that users will use to access the content. Using signed URLs ensures that only authenticated users can access the content by including additional information such as an expiration date and time in the URL. This method is straightforward to implement and provides robust security for your streaming content.
upvoted 1 times
IPLogic
6 months, 3 weeks ago
Option B, which involves using signed cookies, is also a valid approach for protecting content. However, it is generally more complex to implement compared to signed URLs. Here are some key differences: Flexibility: Signed URLs provide more granular control over access to specific resources, which can be beneficial for streaming scenarios where each chunk is a separate resource. In summary, while both methods can secure your content, signed URLs are often simpler and more straightforward to implement for streaming individual video chunks.
upvoted 1 times
...
...
Bad_Mat
8 months, 1 week ago
The answer is B. "signed cookies"
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel