ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified SysOps Administrator - Associate All Questions

View all questions & answers for the AWS Certified SysOps Administrator - Associate exam
Go to Exam

Exam AWS Certified SysOps Administrator - Associate topic 1 question 159 discussion

Exam question from Amazon's AWS Certified SysOps Administrator - Associate
Question #: 159
Topic #: 1
[All AWS Certified SysOps Administrator - Associate Questions]

A global company handles a large amount of personally identifiable information (PII) through an internal web portal. The company’s application runs in a corporate data center that is connected to AWS through an AWS Direct Connect connection. The application stores the PII in Amazon S3. According to a compliance requirement, traffic from the web portal to Amazon S3 must not travel across the internet.

What should a SysOps administrator do to meet the compliance requirement?

  • A. Provision an interface VPC endpoint for Amazon S3. Modify the application to use the interface endpoint.
  • B. Configure AWS Network Firewall to redirect traffic to the internal S3 address.
  • C. Modify the application to use the S3 path-style endpoint.
  • D. Set up a range of VPC network ACLs to redirect traffic to the internal S3 address.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by Liongeek at Nov. 16, 2022, 8:45 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Xelnak
Highly Voted 1 year, 5 months ago
Selected Answer: A
Using the interface endpoint, applications in your on-premises data center can easily query S3 buckets over AWS Direct Connect or Site-to-Site VPN. https://aws.amazon.com/blogs/architecture/choosing-your-vpc-endpoint-strategy-for-amazon-s3/
upvoted 6 times
...
Christina666
Highly Voted 9 months, 2 weeks ago
Selected Answer: A
Key words: data traffic not cross internet-> S3 interface endpoint If inside VPC, then S3 gateway endpoint
upvoted 6 times
satamex
7 months, 1 week ago
Your explanations are always great.. kudos..
upvoted 4 times
...
...
michaldavid
Most Recent 1 year, 4 months ago
Selected Answer: A
aaaaaa
upvoted 2 times
...
beznika
1 year, 5 months ago
This question is written wrong. For S3 there is no interface VPC endpoint. S3 and DynamoDB uses VPC Gateway Endpoint. Interface VPC endpoints require ENI and S3 doesn't use it.
upvoted 2 times
beznika
1 year, 4 months ago
A answer is still correct but I was wrong about the S3, it can use both VPC gateway endpoint and interface VPC endpoint.
upvoted 3 times
...
...
Liongeek
1 year, 5 months ago
Ans: A!
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago