A company needs to provide digital evidence to a security engineer for analysis. The evidence must be encrypted and the immutability of the source data must be maintained. What is the MOST secure solution that meets these requirements?
A. Upload the digital evidence to a new Amazon S3 bucket. Set up an S3 Lifecycle configuration to move the data to S3 Glacier. Configure S3 Glacier with a vault lock policy.
B. Upload the digital evidence to a new Amazon S3 bucket with S3 Object Lock enabled. Implement server-side encryption with AWS Key Management Service (AWS KMS).
C. Upload the digital evidence to a new Amazon S3 bucket. Configure an S3 bucket policy. Enable S3 Versioning and MFA Delete. Use S3 presigned URLs.
D. Launch an Amazon EC2 instance. Store the digital evidence on an attached Amazon Elastic Block Store (Amazon EBS) volume. Enable termination protection, isolate the EC2 instance, and take a snapshot of the EBS volume.
Object Lock provides two ways to manage object retention: retention periods and legal holds.
Retention period — Specifies a fixed period of time during which an object remains locked. During this period, your object is WORM-protected and can't be overwritten or deleted. For more information, see Retention periods.
Legal hold — Provides the same protection as a retention period, but it has no expiration date. Instead, a legal hold remains in place until you explicitly remove it. Legal holds are independent from retention periods. For more information, see Legal holds. B
With S3 Object Lock, you can store objects using a write-once-read-many (WORM) model. Object Lock can help prevent objects from being deleted or overwritten for a fixed amount of time or indefinitely.
Reference: https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock.html
Uploading the digital evidence to a new Amazon S3 bucket with S3 Object Lock enabled and implementing server-side encryption with AWS Key Management Service (AWS KMS) would provide the necessary security and immutability for the digital evidence.
With S3 Object Lock, you can store objects using a write-once-read-many (WORM) model. Object Lock can help prevent objects from being deleted or overwritten for a fixed amount of time or indefinitely. You can use Object Lock to help meet regulatory requirements that require WORM storage, or to simply add another layer of protection against object changes and deletion.
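An added example, not part of the original page or its comments: a check that an evidence bucket and its objects actually carry the Object Lock and SSE-KMS settings discussed above. The function names are hypothetical, the dict fields follow the shapes boto3 returns for `get_object_lock_configuration`, `get_bucket_encryption` and `head_object`, and the sample responses are constructed. It goes slightly beyond the page by distinguishing the GOVERNANCE and COMPLIANCE retention modes.

```python
from datetime import datetime, timezone

KMS_ALGOS = {"aws:kms", "aws:kms:dsse"}  # SSE values that mean a KMS key is used

def audit_bucket(lock_cfg, enc_cfg):
    """Findings for a bucket, from get_object_lock_configuration / get_bucket_encryption-shaped dicts."""
    findings = []
    if lock_cfg.get("ObjectLockConfiguration", {}).get("ObjectLockEnabled") != "Enabled":
        findings.append("Object Lock is not enabled on the bucket")
    rules = enc_cfg.get("ServerSideEncryptionConfiguration", {}).get("Rules", [])
    defaults = {r.get("ApplyServerSideEncryptionByDefault", {}).get("SSEAlgorithm") for r in rules}
    if not defaults & KMS_ALGOS:
        findings.append("default encryption is not SSE-KMS")
    return findings

def audit_object(head, now):
    """Findings for one object, from a head_object-shaped dict."""
    findings = []
    if head.get("ServerSideEncryption") not in KMS_ALGOS:
        findings.append("object is not encrypted with SSE-KMS")
    until = head.get("ObjectLockRetainUntilDate")
    mode = head.get("ObjectLockMode")
    # A retention period protects the object only until its retain-until date.
    retention_active = mode in ("GOVERNANCE", "COMPLIANCE") and until is not None and until > now
    # A legal hold has no expiry and is independent of any retention period.
    legal_hold = head.get("ObjectLockLegalHoldStatus") == "ON"
    if not (retention_active or legal_hold):
        findings.append("no active retention period or legal hold")
    elif mode == "GOVERNANCE" and not legal_hold:
        findings.append("GOVERNANCE retention can be bypassed with s3:BypassGovernanceRetention")
    return findings

# Constructed sample responses (not captured from a real account).
# An empty dict stands in for a bucket that has no Object Lock configuration.
NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)
GOOD_LOCK = {"ObjectLockConfiguration": {"ObjectLockEnabled": "Enabled"}}
GOOD_ENC = {"ServerSideEncryptionConfiguration": {"Rules": [
    {"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "aws:kms"}}]}}
WEAK_ENC = {"ServerSideEncryptionConfiguration": {"Rules": [
    {"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}]}}
LOCKED = {"ServerSideEncryption": "aws:kms", "ObjectLockMode": "COMPLIANCE",
          "ObjectLockRetainUntilDate": datetime(2030, 1, 1, tzinfo=timezone.utc)}
HELD = {"ServerSideEncryption": "aws:kms", "ObjectLockLegalHoldStatus": "ON"}
EXPIRED = {"ServerSideEncryption": "AES256", "ObjectLockMode": "GOVERNANCE",
           "ObjectLockRetainUntilDate": datetime(2023, 6, 1, tzinfo=timezone.utc)}

if __name__ == "__main__":
    print(audit_bucket(GOOD_LOCK, GOOD_ENC), audit_bucket({}, WEAK_ENC))
    for name, head in (("LOCKED", LOCKED), ("HELD", HELD), ("EXPIRED", EXPIRED)):
        print(name, audit_object(head, NOW))
```
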