Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 243 discussion

Exam question from Amazon's AWS Certified Security - Specialty SCS-C02

Question #: 243
Topic #: 1

[All AWS Certified Security - Specialty SCS-C02 Questions]

A company plans to create Amazon S3 buckets to store log data. All the S3 buckets will have versioning enabled and will use the S3 Standard storage class.

A security engineer needs to implement a solution that protects objects in the S3 buckets from deletion for 90 days. The solution must ensure that no object can be deleted during this time period, even by an administrator or the AWS account root user.

Which solution will meet these requirements?

A. Enable S3 Object Lock in governance mode. Set a legal hold of 90 days.
B. Enable S3 Object Lock in governance mode. Set a retention period of 90 days.
C. Enable S3 Object Lock in compliance mode. Set a retention period of 90 days.
D. Create an S3 Glacier Vault Lock policy that prevents deletion for 90 days.

Show Suggested Answer

Suggested Answer: C 🗳️

by phmeeeee at April 10, 2025, 1:36 p.m.

Disclaimers:

- ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
- Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Submit Cancel

phmeeeee

3 weeks, 2 days ago

Selected Answer: C

C - The compliance mode can't be deleted even adminstrator or root (this called WORM mode) A,B - The governance mode can be override by administrator or root. D - Glacier is another bucket type which is not s3 standard.

upvoted 1 times

...

Exam AWS Certified Security - Specialty SCS-C02 All Questions

View all questions & answers for the AWS Certified Security - Specialty SCS-C02 exam

Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 243 discussion

Comments

phmeeeee

SY0-701