Topic 1 Question 60

AWS Certified Security - Specialty

Topic 1 Question 60
A company has a new partnership with a vendor. The vendor will process data from the company's customers. The company will upload data files as objects into an Amazon S3 bucket. The vendor will download the objects to perform data processing. The objects will contain sensitive data. A security engineer must implement a solution that prevents objects from residing in the S3 bucket for longer than 72 hours. Which solution will meet these requirements?
- Use Amazon Macie to scan the S3 bucket for sensitive data every 72 hours. Configure Macie to delete the objects that contain sensitive data when they are discovered.
- Configure an S3 Lifecycle rule on the S3 bucket to expire objects that have been in the S3 bucket for 72 hours.
- Create an Amazon EventBridge scheduled rule that invokes an AWS Lambda function every day. Program the Lambda function to remove any objects that have been in the S3 bucket for 72 hours.
- Use the S3 Intelligent-Tiering storage class for all objects that are uploaded to the S3 bucket. Use S3 Intelligent-Tiering to expire objects that have been in the $3 bucket for 72 hours.
ユーザの投票
コメント(4)
- 正解だと思う選択肢: B
  B
  
  https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html https://docs.aws.amazon.com/AmazonS3/latest/userguide/how-to-set-lifecycle-configuration-intro.html
  
  👍 6
  100fold2024/04/18
- 正解だと思う選択肢: B
  B is self-explanatory and sufficient.
  
  👍 1
  Aamee2024/06/03
- 正解だと思う選択肢: B
  Correct answer is B. The question tries to trick to select Macie, since data contains sensitive data, but Macie discover and classify data, and send findings to SecurityHub or EventBridge for any action that might be needed. It does NOT delete objects.
  
  Another thing is that S3 object lifecycle is used for 2 roles, both transition and EXPIRATION of objects.
  
  B is the correct answer.
  
  👍 1
  Raphaello2024/08/20
シャッフルモード

ユーザの投票

コメント(4)