ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS-SysOps All Questions

View all questions & answers for the AWS-SysOps exam
Go to Exam

Exam AWS-SysOps topic 1 question 27 discussion

Exam question from Amazon's AWS-SysOps
Question #: 27
Topic #: 1
[All AWS-SysOps Questions]

Which of the following statements about this S3 bucket policy is true?

  • A. Denies the server with the IP address 192 168 100 0 full access to the "mybucket" bucket
  • B. Denies the server with the IP address 192 168 100 188 full access to the "mybucket" bucket
  • C. Grants all the servers within the 192 168 100 0/24 subnet full access to the "mybucket" bucket
  • D. Grants all the servers within the 192 168 100 188/32 subnet full access to the "mybucket" bucket
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html http://docs.aws.amazon.com/AmazonS3/latest/dev/amazon-s3-policy-keys.html
by kkwang at Sept. 30, 2019, 2:30 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
karmaah
Highly Voted 11 months ago
Answer is C : ************* Answers A & B mentioning 192.166.100 Series. Which is not mentioned in the policy. Hence Both are Incorrect. Ans C - Exactly fits inthe allowed IP address list. 192.168.100.0/24 Provides total list of 256 IPs. Start IP : 192.168.100.0 End IP : 192.168.100.255 Ans D is Incorrect since 92.168.100.188/32 Provides only one IP .,192.168.100.188
upvoted 7 times
shimmy
10 months ago
The answer is B. 192.166.100.88 is in the 192.166.100.0/24 subnet so if that IP is denied then the policy does not allow all IP addresses in the 192.166.100.0/24 subnet. C is incorrect.
upvoted 3 times
...
Saaho
10 months, 1 week ago
If Ans D is wrong, answer C is wrong as well as 192.168.100.188/32 falls in 192.168.100.0/24 CIDR range
upvoted 3 times
...
Phil31
10 months, 1 week ago
Agree for the C, but in truth, the C is not really accurate because the policy allows all servers in the range 192.168.100.0/24 except for the address 192.168.100.88 which is included in the 192.168.100.0/24 range. This question is confusing.
upvoted 2 times
...
...
xxxdolorxxx
Most Recent 9 months, 2 weeks ago
I'm going with B.
upvoted 2 times
...
FFFCCCC33333
9 months, 2 weeks ago
B is the answer
upvoted 2 times
...
sunilpanda
9 months, 2 weeks ago
its B fqnn points is correct I think ans is B, because 192.168.100.188/32 (one machine) is included in 192.168.100.0/24 range, and deny rules has priority over allow rules
upvoted 2 times
...
fqnn
9 months, 2 weeks ago
I think ans is B, because 192.168.100.188/32 (one machine) is included in 192.168.100.0/24 range, and deny rules has priority over allow rules
upvoted 3 times
...
jchavarria12
9 months, 4 weeks ago
B and C, I think is a multi-option question
upvoted 1 times
...
angelsrp
10 months ago
Typo, I had this question in a aws course. Ans is B.
upvoted 2 times
...
dennismp
10 months, 1 week ago
B is the ans, both conditions must be true in this case.
upvoted 3 times
...
awscertified
10 months, 1 week ago
B. Denies the server with the IP address 192.166 100.188 full access to the "mybucket bucket
upvoted 1 times
...
allexxf
10 months, 3 weeks ago
A and B is correct - this policy dont allow access from ips 192.166.100.0 and 192.166.100.188 - only 192.168.100.0/24 (without 192.168.100.88)
upvoted 1 times
allexxf
10 months, 3 weeks ago
Or the answers have an error - 168 is needed instead of 166
upvoted 1 times
...
...
kkwang
11 months ago
B is the answer
upvoted 3 times
aksliveswithaws
10 months, 3 weeks ago
B is correct 192.168.100.88/32 is inside the block 192.168.100.0/24 Option C states Grants "All" the servers in the subnet 192.168.100.0/24 but 192.168.100.88/32 is blocked.
upvoted 3 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel