Topic 1 Question 53
A company needs to store its accounting records in Amazon S3. The records must be immediately accessible for 1 year and then must be archived for an additional 9 years. No one at the company, including administrative users and root users, can be able to delete the records during the entire 10-year period. The records must be stored with maximum resiliency. Which solution will meet these requirements?
Store the records in S3 Glacier for the entire 10-year period. Use an access control policy to deny deletion of the records for a period of 10 years.
Store the records by using S3 Intelligent-Tiering. Use an IAM policy to deny deletion of the records. After 10 years, change the IAM policy to allow deletion.
Use an S3 Lifecycle policy to transition the records from S3 Standard to S3 Glacier Deep Archive after 1 year. Use S3 Object Lock in compliance mode for a period of 10 years.
Use an S3 Lifecycle policy to transition the records from S3 Standard to S3 One Zone-Infrequent Access (S3 One Zone-IA) after 1 year. Use S3 Object Lock in governance mode for a period of 10 years.
ユーザの投票
コメント(17)
- 正解だと思う選択肢: C
A and B are ruled out as you need them to be accessible for 1 year and using control policy or IAM policies, the administrator or root still has the ability to delete them. D is ruled out as it uses One Zone-IA, but requirement says max- resiliency. SO- C should be the right answer.
👍 4Nandan7472022/12/19 - 正解だと思う選択肢: C
In compliance mode, a protected object version can't be overwritten or deleted by any user, including the root user in your AWS account. https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-overview.html
👍 311pantheman112023/04/26 - 正解だと思う選択肢: C
A-Wrong as the records must be immediately accessble for the first year. B-The question never mentioned about the records can be deleted or modified after 10-year period. D-It does not fulfill the condition of securing resiliency; you need multi-AZ to guarantee it.
Therefore, the answer is C.
👍 2airraid20102022/11/06
シャッフルモード